25 matches found

Malwarebytes
added 2023/06/20 4:0 a.m., 40 views

Update now! ASUS fixes nine security flaws

ASUS has released firmware updates for several router models fixing two critical and several other security issues. The new firmware with accumulated security updates is available for the models GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8,...

CVSS 10, AI score 10, EPSS 0.8569
Exploits 14

Circl
added 2023/06/02 2:26 p.m., 1 view

CVE-2023-28702

| creationtimestamp | type | source |
|---|---|---|
| 2023-06-02 14:26:03+00:00 | seen | https://t.me/cibsecurity/64881 |
| 2023-06-19 19:55:30+00:00 | seen | https://t.me/RussianOSINT/2677 |
| 2023-06-20 09:57:08+00:00 | seen | https://t.me/kasperskyb2b/705 |
| 2023-06-21 14:27:19+00:00 | seen | https://t.me/truesecator/4523... |

CVSS 8.8, AI score 9, EPSS 0.00356
Exploits 0, References 5

OSV
added 2023/06/02 11:15 a.m., 0 views

CVE-2023-28702

ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands, disrupt system or terminate service...

CVSS 8.8, AI score 7.5
Exploits 0, References 1

Cvelist
added 2023/06/02 12:0 a.m., 14 views

CVE-2023-28702 ASUS RT-AC86U - Command Injection

ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform command injection attack to execute arbitrary system commands, disrupt system or terminate service...

CVSS 8.8, AI score 9.3, EPSS 0.00356
Exploits 0, References 1

CVE
added 2023/06/02 12:0 a.m., 53 views

CVE-2023-28702

CVE-2023-28702 affects the ASUS RT-AC86U router. The issue is a command injection flaw caused by failure to filter special characters in parameters of certain web URLs. A remote attacker with normal user privileges could exploit this to execute arbitrary system commands, potentially disrupt the s...

CVSS 8.8, AI score 9.2, EPSS 0.00356
Exploits 0, References 1, Affected Software 1

CVE
added 2022/05/31 5:53 p.m., 64 views

CVE-2022-28702

ABB e-Design vulnerability CVE-2022-28702 involves incorrect default permissions that allow a local attacker to install malicious software with SYSTEM permissions, affecting ABB e-Design installations. The issue stems from permissions handling in the installer, enabling privilege escalat...

CVSS 6.1, AI score 5.7, EPSS 0.0003
Exploits 0, References 1, Affected Software 1

OpenVAS
added 2021/12/10 12:0 a.m., 17 views

SUSE: Security Advisory (SUSE-SU-2021:3977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.2, EPSS 0.00155
Exploits 0, References 9

OpenVAS
added 2021/12/08 12:0 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2021:3968-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.2, EPSS 0.00155
Exploits 0, References 2

Tenable Nessus
added 2021/12/08 12:0 a.m., 31 views

openSUSE 15 Security Update : xen (openSUSE-SU-2021:3968-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3968-1 advisory. - PCI devices with RMRRs not deassigned correctly Certain PCI devices in a system might be assigned Reserved Memory Regions specified via...

CVSS 8.8, AI score 7.7, EPSS 0.00155
Exploits 0, References 20

OSV
added 2021/12/07 2:31 p.m., 4 views

SUSE-SU-2021:3968-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...

CVSS 8.8, AI score 8.3, EPSS 0.00155
Exploits 0, References 13

OpenVAS
added 2021/12/07 12:0 a.m., 24 views

openSUSE: Security Advisory for xen (openSUSE-SU-2021:1543-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.8, AI score 8.4, EPSS 0.00155
Exploits 0, References 2

OSV
added 2021/12/06 1:7 p.m., 7 views

OPENSUSE-SU-2021:1543-1 Security update for xen

This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly XSA-386 bsc1191363. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs XSA-388 bsc1192557. - CVE-2021-28705, CVE-2021-28709: Fixed issues...

CVSS 8.8, AI score 8.2, EPSS 0.00155
Exploits 0, References 13

Tenable Nessus
added 2021/12/06 12:0 a.m., 29 views

Debian DSA-5017-1 : xen - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5017 advisory. Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in privilege escalation, denial of service or information leaks. For the...

CVSS 8.8, AI score 7.7, EPSS 0.00155
Exploits 0, References 17

OpenVAS
added 2021/12/05 12:0 a.m., 18 views

SUSE: Security Advisory (SUSE-SU-2021:3888-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.2, EPSS 0.00155
Exploits 0, References 2

OpenVAS
added 2021/12/02 12:0 a.m., 23 views

SUSE: Security Advisory (SUSE-SU-2021:3852-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8, AI score 8.3, EPSS 0.00155
Exploits 0, References 9

Circl
added 2021/11/01 5:21 p.m., 1 view

CVE-2020-28702

| creationtimestamp | type | source |
|---|---|---|
| 2021-11-01 17:21:28+00:00 | seen | https://t.me/cibsecurity/31559... |

CVSS 7.5, AI score 7.3, EPSS 0.00246
Exploits 1, References 1

NVD
added 2021/11/01 2:15 p.m., 9 views

CVE-2020-28702

A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information...

CVSS 7.5, EPSS 0.00246
Exploits 1, References 1

CVE
added 2021/11/01 1:30 p.m., 40 views

CVE-2020-28702

CVE-2020-28702 describes a SQL injection in TopicMapper.xml of PybbsCMS v5.2.1, enabling attackers to access sensitive database information. The vulnerability is corroborated across multiple sources (NVD, RH, OSV, CVE lists, and PT Security) with published impact scores (CVSS 2.0/3.1: base 5.0/7....

CVSS 7.5, AI score 7.7, EPSS 0.00246
Exploits 1, References 1, Affected Software 1

Cvelist
added 2021/11/01 1:30 p.m., 15 views

CVE-2020-28702

A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information...

AI score 7.8, EPSS 0.00246
Exploits 1, References 1

OpenVAS
added 2021/10/30 12:0 a.m., 17 views

Fedora: Security Advisory for xen (FEDORA-2021-829f5f2f43)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.6, AI score 8.2, EPSS 0.00053
Exploits 0, References 2