all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Add to bookmarks
June 28, 2023, 7:24 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.
"These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database.

code code execution critical flaws gentoo injection library mapping object rce remote code remote code execution researcher result sonarsource sql sql injection sql injections sql injection vulnerabilities systems thomas vulnerabilities vulnerable

Visit resource

More from thehackernews.com / The Hacker News

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 4 hours ago | thehackernews.com
addition administrator agency crime +17
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data 7 hours ago | thehackernews.com
academia access activists apt42 +32
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion 7 hours ago | thehackernews.com
attack back china china-linked hackers +16
New Case Study: The Malicious Comment 9 hours ago | thehackernews.com
case code comments discover +12
Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever) 10 hours ago | thehackernews.com
2fa 2-step verification 2sv accounts +18
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering 11 hours ago | thehackernews.com
alexander vinnik august btc btc-e +19
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution 1 day, 6 hours ago | thehackernews.com
cisco code code execution critical +21
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices 1 day, 6 hours ago | thehackernews.com
arcanedoor attack attack surface attack surface management +23
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs 1 day, 9 hours ago | thehackernews.com
business cyberattacks cybercriminals financial +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Incident Response Lead

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

GRC Analyst

@ Chubb | Malaysia
View on infosec-jobs.com

Information Security Manager

@ Walbec Group | Waukesha, WI, United States
View on infosec-jobs.com

Senior Executive / Manager, Security Ops (TSSQ)

@ SMRT Corporation Ltd | Singapore, SG
View on infosec-jobs.com

Senior Engineer, Cybersecurity

@ Sonova Group | Valencia (CA), United States
View on infosec-jobs.com

Consultant (Multiple Positions Available)

@ Atos | Plano, TX, US, 75093
View on infosec-jobs.com
View more jobs