
【Security】Vulnerability warning: PHP has a remote code execution vulnerability; GitHub becomes the target of a cyber ransomware attack.

Hello everyone:

We are forwarding the vulnerability warning announcements of the National Information Security Research Institute. Colleagues are asked to confirm and update or patch as soon as possible to reduce the related information security risks.

1. PHP has a high-risk security vulnerability (CVE-2024-4577)
   ● Researchers have discovered that PHP has an Argument Injection vulnerability (CVE-2024-4577). An unauthenticated remote attacker can use a specific character sequence to bypass the protection for the old CVE-2012-1823 vulnerability and execute arbitrary code on the remote PHP server through attacks such as argument injection. Please confirm and patch as soon as possible.

2. Justice AV Solutions Viewer has a high-risk security vulnerability (CVE-2024-4978)
   ● Researchers found that the installer of Justice AV Solutions Viewer 8.3.7.250-1 was embedded with a backdoor program (CVE-2024-4978). Once Justice AV Solutions Viewer is downloaded from the official website and installed, the backdoor program is installed on the system and executes unauthorized PowerShell commands in the background. This vulnerability has been exploited by hackers; please confirm and update as soon as possible.

3. Linux Kernel has a high-risk security vulnerability (CVE-2024-1086)
   ● Researchers have discovered that the Linux Kernel has a Use After Free memory vulnerability (CVE-2024-1086). A local attacker who has obtained general user privileges can use this vulnerability to escalate to administrator privileges. This vulnerability has been exploited by hackers; please confirm and update as soon as possible.

4. D-Link DIR-600 router has a high-risk security vulnerability (CVE-2021-40655)
   ● Researchers discovered that the D-Link DIR-600 router has a Sensitive Information Disclosure vulnerability (CVE-2021-40655). An unauthenticated remote attacker can send a forged POST request to obtain user accounts and passwords. This vulnerability has been exploited by hackers; please confirm as soon as possible and take corresponding measures.

5. GitHub became the target of online ransomware attacks, and hackers stole the account Gitloker to carry out attacks.
   ● Researchers discovered that hackers attacked GitHub project repositories. The hackers are suspected of stealing user credentials to carry out the attacks. This attack used the Gitloker account on Telegram to pose as a security analyst for phishing.

Related Articles:
   ■https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1274/
   ■https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1276/
   ■https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1275/
   ■https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alert_Announcements/1272/
   ■https://www.twcert.org.tw/tw/cp-104-7890-2e953-1.html 

For more questions about information security, please consult the Computer Center directly at rogeryu@mail.ntust.edu.tw or applechang@mail.ntust.edu.tw
