CERT Poland has received a report about using hard-coded credentials in iZZi connect application and assigned it the number CVE-2024-0390.

One of the key cybersecurity challenges in Europe is reducing reliance on threat intelligence from non-EU countries. The FETTA (Federated European Team for Threat Analysis) project aims to address this issue by creating a federated team that spans across borders, providing Cyber Threat Intelligence (CTI) products and tooling.

CERT Poland has received a report about 5 vulnerabilities found in PAX POS (Point Of Sale) devices.

10 vulnerabilities (from CVE-2023-49253 to CVE-2023-49262) has been found in Hongdian Router H8951-4G-ESP software.

Stored XSS vulnerability (CVE-2023-5118) has been found in Kofax Capture software.

A vulnerability has been found in the TCExam open source software (CVE-2023-6554).

An open redirect vulnerability has been found in the TasmoAdmin open source software (CVE-2023-6552).

CERT Poland has received a report about a SQL injection vulnerability in the PrestaShop Google Integrator software and assigned it the number CVE-2023-6921.

Stored XSS vulnerability has been found in class.upload.php open source library (CVE-2023-6551).

Artemis is an open-source security vulnerability scanner developed by CERT PL. It is built to look for website misconfigurations and vulnerabilities on a large number of sites. It automatically prepares reports that can be sent to the affected institutions. Thanks to its modular architecture, it can be used to combine the results of various other tools in a single dashboard.