1288H V5; 2288H V5; 2488 V5; CH121 V3; CH121L V3; CH121L V5; CH121 V5; CH140 V3; CH140L V3; CH220 V3; CH222 V3; CH242 V3; CH242 V5; RH1288 V3; RH2288 V3; RH2288H V3; XH310 V3; XH321 V3; XH321 V5; XH620 V3 Security Vulnerabilities

CVE-2023-38563

Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS...

Security Bulletin: NVIDIA BlueField Data Processing Unit - September 2023

NVIDIA has released a firmware update for the NVIDIA BlueField Data Processing Unit. This update addresses security issues that may lead to escalation of privileges. To protect your system, download and install this firmware update from the NVIDIA Networking Support page. Go to NVIDIA Product...

Attacker can DOS the sync function of RdpxV2Core which will brick critical functionality

Lines of code https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L975-L990 https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L1001-L1003 Vulnerability details Impact The sync function of the RdpxV2Core contract is critical for...

Fujitsu Limited Real-time Video Transmission Gear "IP series"

EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely Vendor: Fujitsu Limited Equipment: Real-time Video Transmission Gear "IP series" Vulnerability: Use Of Hard-Coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could result in an attacker logging into...

​Softneta MedDream PACS

EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: Softneta ​Equipment: MedDream PACS ​Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION ​Successful exploitation of these vulnerabilities could...

Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. "One characteristic of the attacks identified in 2023 is that there are numerous malware strains...

Password-stealing Chrome extension smuggled on to Web Store

Researchers at the University of Wisconsin-Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3. To prove it, they created a proof of...

JVN#92720882: Multiple vulnerabilities in CGIs of PMailServer and PMailServer2

CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities listed below. Stored cross-site scripting vulnerability (CWE-79) - CVE-2023-39223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4...

JVN#78113802: Multiple vulnerabilities in F-RevoCRM

F-RevoCRM provided by Thinkingreed Inc. contains multiple vulnerabilities listed below. OS Command Injection (CWE-78) - CVE-2023-41149 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 ...

CVE-2023-4746

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...

CVE-2023-4746

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...

Format string

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...

CVE-2023-4746 TOTOLINK N200RE V5 Validity_check format string

A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The root-cause of the vulnerability is a format string issue. But...

Tinycontrol LAN Controller 3 Remote Credential Extraction Exploit

...

Tinycontrol LAN Controller 3 Remote Admin Password Change Exploit

...

Tinycontrol LAN Controller 3 Denial Of Service Vulnerability

...

JVN#82758000: Multiple vulnerabilities in SHIRASAGI

SHIRASAGI provided by SHIRASAGI Project contains multiple vulnerabilities listed below. Reflected cross-site scripting (CWE-79) - CVE-2023-36492 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS v2| AV:N/AC:H/Au:N/C:N/I:P/A:N| Base...

Tinycontrol LAN Controller 3 Remote Admin Password Change

...

Tinycontrol LAN Controller 3 Denial Of Service

...

Tinycontrol LAN Controller 3 Remote Credential Extraction

...

Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6a87c003c4 advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...

Tinycontrol LAN Controller v3 (LK3) Remote Admin Password Change

Title: Tinycontrol LAN Controller v3 (LK3) Remote Admin Password Change Advisory ID: ZSL-2023-5787 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access Risk: (5/5) Release Date: 01.09.2023 Summary Lan Controller is a very universal device that allows you to connect...

Tinycontrol LAN Controller v3 (LK3) Remote Credentials Extraction PoC

Title: Tinycontrol LAN Controller v3 (LK3) Remote Credentials Extraction PoC Advisory ID: ZSL-2023-5786 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, Exposure of System Information, Exposure of Sensitive Information Risk: (5/5) Release Date: 01.09.2023 Summary...

Fedora 37 : mosquitto (2023-e7ed15ab9e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e7ed15ab9e advisory. In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. (CVE-2023-0809) In...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Thu Aug 31 12:31:07 CDT 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/java_aug2023_advisory.asc Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX...

​ARDEREG Sistemas SCADA

EXECUTIVE SUMMARY ​CVSS v3 9.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: ARDEREG ​Equipment: Sistemas SCADA ​Vulnerability: SQL Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to manipulate SQL query logic to extract...

​GE Digital CIMPLICITY

EXECUTIVE SUMMARY ​CVSS v3 7.8 ​ATTENTION: Low attack complexity ​Vendor: GE Digital ​Equipment: CIMPLICITY ​Vulnerability: Process Control 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow a low-privileged local attacker to escalate privileges to SYSTEM. 3....

​Digi RealPort Protocol

EXECUTIVE SUMMARY ​CVSS v3 9.0 ​ATTENTION: Exploitable remotely ​Vendor: Digi International, Inc. ​Equipment: Digi RealPort Protocol ​Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow the...

FetLife: fetlife.com/signup_step_profile expose access_token of mapbox.com

Hi fetlife, I'm investigate on registration step on your site, in registration step at https://fetlife.com/signup_step_profile when user type in field "private_location_name" {F2652527} it use frontend call to api.mapbox.com directly thus expose access_token, I was able to call it directly via...

Easy Address Book Web Server 1.6 Buffer Overflow / Cross Site Scripting

...

JVN#60140221: Multiple vulnerabilities in i-PRO VI Web Client

VI Web Client provided by i-PRO Co., Ltd. is Video Insight’s video management software. VI Web Client contains multiple vulnerabilities listed below. Open Redirect (CWE-601) - CVE-2023-38574 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7...

Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit

Title: Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service Exploit Advisory ID: ZSL-2023-5785 Type: Local/Remote Impact: Security Bypass, DoS Risk: (4/5) Release Date: 31.08.2023 Summary Lan Controller is a very universal device that allows you to connect many different sensors and...

Advisory ROSA-SA-2023-2224

software: mosquitto 2.0.15 WASP: ROSA-CHROME package_evr_string: mosquitto-2.0.15-2.src.rpm CVE-ID: CVE-2021-34431 BDU-ID: 2022-01775 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Mosquitto message broker is related to incorrect processing of a CONNECT packet without will topic, will message.....

​PTC Codebeamer

EXECUTIVE SUMMARY ​CVSS v3 8.8 ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: PTC ​Equipment: Codebeamer ​Vulnerability: Cross site scripting 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to inject arbitrary JavaScript code, which...

SUSE: Security Advisory (SUSE-SU-2023:3454-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2023:3462-1)

The remote host is missing an update for...

Security Bulletin: NVIDIA DGX H100 - August 2023

NVIDIA has released a firmware security update for the NVIDIA DGX™ H100 system. This update addresses issues that may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. To protect your system, download and install this firmware update...

Swaps affect LP token mint/burn during liquidity addition/removal

Lines of code Vulnerability details Impact The LP token removal/addition forces a recalculation of the bonding curve, and the utility of the curve. The utility curve in proteus looks like the graph below, where the point A represents a certain composition of the pool. If we try to remove...

Lack of events in EvolvingProteus contract

Lines of code Vulnerability details Impact There is no event emitted in the whole contract, even after executing sensitive actions like swaps between assets or at the constructor. That is bad because many automatic tools that monitors the contracts deployed rely on them. For example, see the swap.....

Liquidity concentration rate is reduced by the use of timestamp instead of block number

Lines of code https://github.com/code-423n4/2023-08-shell/blob/main/src/proteus/EvolvingProteus.sol#L81 Vulnerability details Impact Liquidity concentration rate is reduced by the use of timestamp instead of block number Proof of Concept The document states that This primitive can passively...

Security Bulletin: NVIDIA GeForce NOW for Android - August 2023

NVIDIA has released a firmware security update for the NVIDIA GeForce NOW Android mobile and TV app. This update addresses issues that may lead to code execution, denial of service, and information disclosure. To protect customer systems, the NVIDIA GeForce NOW for Android app will prompt...

M-22 Unmitigated

Lines of code Vulnerability details Comments The underlying yield vaults used by the V5 vaults usually round down shares received when depositing. As a result, if the Vault deposits to an underlying yield vault that has already issued shares, it is possible that a deposit could be rounded down to.....

Number of prize tiers may never scale due to aggressive new algorithm

Lines of code https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/PrizePool.sol#L807-L811 https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/main/src/abstract/TieredLiquidityDistributor.sol#L602-L619...

Claiming prizes will be bricked if prize periods are not aligned with twab periods

Lines of code https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L244-L251 https://github.com/GenerationSoftware/pt-v5-twab-controller/blob/main/src/libraries/TwabLib.sol#L650-L658 Vulnerability details Comments The previous implementation allowed a...

Lockbit leak, research opportunities on tools leaked from TAs

Lockbit is one of the most prevalent ransomware strains. It comes with an affiliate ransomware-as-a-service (RaaS) program offering up to 80% of the ransom demand to participants, and includes a bug bounty program for those who detect and report vulnerabilities that allow files to be decrypted...

CODESYS Development System

EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Insufficient Verification of Data Authenticity. 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

CODESYS Development System

EXECUTIVE SUMMARY **CVSS v3 3.3 ** ATTENTION: low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Improper Restriction of Excessive Authentication Attempts. 2. RISK EVALUATION Successful exploitation of this vulnerability could provide a local...

​OPTO 22 SNAP PAC S1

EXECUTIVE SUMMARY ​**CVSS v3 7.5 ** ​ATTENTION: Exploitable remotely/low attack complexity ​Vendor: OPTO 22 ​Equipment: SNAP PAC S1 ​Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Weak Password Requirements, Improper Access Control, Uncontrolled Resource...

KNX Protocol

EXECUTIVE SUMMARY **CVSS v3 7.5 ** ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: KNX Association Equipment: KNX devices using KNX Connection Authorization Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful...

​CODESYS Development System

EXECUTIVE SUMMARY ​**CVSS v3 7.3 ** ​ATTENTION: low attack complexity ​Vendor: CODESYS, GmbH ​Equipment: CODESYS Development System ​Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION ​Successful exploitation of this vulnerability could cause users to unknowingly launch a...