Novatek NT9665X HFS Recv buffer overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code executio...

Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the XMLGetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot...

Novatek NT9665X XML_UploadFile path overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9”. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. Tested...

Novatek NT9665X HFS Overwrite denial-of-service vulnerability

Summary An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send a...

Unspecified Vulnerability in ECOS System Management Appliance

ECOS System Management Appliance a.k.a. SMA is a virtual appliance from ECOS TECHNOLOGY, Germany, for centralized management of ECOS products, which is capable of running on VMware, Crtrix XenServer, and Hyper-V. A security vulnerability exists in ECOS SMA version 5.2.68 that stems from an...

ECOS System Management Appliance Spoofing Vulnerability

ECOS System Management Appliance a.k.a. SMA is a virtual appliance from ECOS TECHNOLOGY, Germany, for centralized management of ECOS products, which is capable of running on VMware, Crtrix XenServer, and Hyper-V. A security vulnerability exists in ECOS SMA version 5.2.68. An attacker can exploit...

Unspecified Vulnerability in ECOS System Management Appliance

ECOS System Management Appliance a.k.a. SMA is a virtual appliance from ECOS TECHNOLOGY, Germany, for centralized management of ECOS products, which is capable of running on VMware, Crtrix XenServer, and Hyper-V. A security vulnerability exists in ECOS SMA version 5.2.68 that stems from a failure...

Unspecified Vulnerability in ECOS Secure Boot Stick

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5 that stems from an undocumented vendor backdoor in the...

Unspecified Vulnerability in ECOS Secure Boot Stick (CNVD-2019-38285)

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker could exploit the vulnerability to take contro...

Unspecified Vulnerability in ECOS Secure Boot Stick (CNVD-2019-38284)

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker could exploit the vulnerability to take contro...

ECOS Secure Boot Stick Fuzzing Vulnerability

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker can exploit the vulnerability to extract the...

ECOS Secure Boot Stick Authentication Bypass Vulnerability

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker could exploit the vulnerability to bypass...

Unspecified Vulnerability in ECOS Secure Boot Stick

The ECOS Secure Boot Stick a.k.a. SBS is a security device from ECOS TECHNOLOGY, Germany for remote access to Citrix, Microsoft Terminal Server, VMware and other web applications. A security vulnerability exists in ECOS SBS version 5.6.5. An attacker could exploit the vulnerability to take contro...

CVE-2018-12335

Incorrect access control in ECOS System Management Appliance aka SMA 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment...

CVE-2018-12337

Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation...

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack...

CVE-2018-12330

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware...

CVE-2018-12336

Undocumented Factory Backdoor in ECOS Secure Boot Stick aka SBS 5.6.5 allows the vendor to extract confidential information via remote root SSH access...

CVE-2018-12329

Protection Mechanism Failure in ECOS Secure Boot Stick aka SBS 5.6.5 allows a local attacker to duplicate an authentication factor via cloning...

CVE-2018-12331

Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance aka SMA 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."...