15 matches found
Western Digital MyCloud Unauthenticated Command Injection Exploit
This Metasploit module exploits authentication bypass CVE-2018-17153 and command injection CVE-2016-10108 vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target i...
Western Digital MyCloud unauthenticated command injection
This module exploits authentication bypass CVE-2018-17153 and command injection CVE-2016-10108 vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user. The module first performs a check to see if the target is WD MyClou...
Western Digital MyCloud Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Western Digital MyCloud unauthenticated command injection', 'Description' = %q This module exploits authentication bypass CVE-2018-17153 and...
CVE-2020-17153
creationtimestamp| type| source ---|---|--- 2021-03-10 05:26:41+00:00| seen| https://t.me/androidMalware/1084...
CVE-2020-17153
CVE-2020-17153 affects Microsoft Edge for Android. The connected sources describe a spoofing vulnerability in Edge for Android, attributed to insufficient input validation in the browser, enabling a remote attacker to spoof the user interface and potentially access protected information. Public d...
CVE-2020-17153 Microsoft Edge for Android Spoofing Vulnerability
...
KLA12019 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof...
Western Digital My Cloud Multiple Products < 2.11.178 / 2.20 - 2.30 < 2.30.196 Authentication Bypass Vulnerability
Multiple Western Digital My Cloud products are prone to an authentication bypass vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2018-17153
creationtimestamp| type| source ---|---|--- 2018-09-19 11:34:43+00:00| seen| https://t.me/SecLabNews/3183 2018-09-21 23:44:48+00:00| seen| https://t.me/BleepingComputer/3761 2023-07-28 13:22:17+00:00| seen|...
Western Digital My Cloud Authentication Bypass
------------------------------------------------------------------------ Authentication bypass vulnerability in Western Digital My Cloud allows escalation to admin privileges ------------------------------------------------------------------------ Remco Vermeulen, September 2018...
CVE-2018-17153
CVE-2018-17153 affects Western Digital My Cloud devices older than 2.30.196. An unauthenticated attacker can bypass authentication and become admin by abusing the network_mgr.cgi flow; after session creation, commands normally requiring admin privileges succeed if the cookie username=admin is set...
CVE-2017-17153
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...
CVE-2017-17153
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...
CVE-2017-17153
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...
CVE-2017-17153
CVE-2017-17153 is a memory-leak vulnerability in the IKEv2 implementation of Huawei products (including IPS Module, NGFW Module, NIP6300/6600, Secospace USG families). The root cause is memory release failure caused by insufficient input validation, which can allow memory to be not freed and lead...