Lucene search
K

175 matches found

Kitploit
Kitploit
added 2018/06/02 10:17 p.m.22 views

RouterSploit v3.0 - Exploitation Framework For Embedded Devices

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

7.6AI score
Exploits0References1
n0where
n0where
added 2018/05/08 4:10 a.m.36 views

Exploitation Framework for Embedded Devices: RouterSploit

The RouteSploit Framework is an open-source exploitation framework dedicated to embedded devices. The RouteSploit Framework consists of various modules that aids penetration testing operations: exploits – modules that take advantage of identified vulnerabilities creds – modules designed to test...

0.3AI score
Exploits0References1
Fedora
Fedora
added 2018/03/30 1:34 p.m.19 views

[SECURITY] Fedora 28 Update: monitorix-3.10.1-1.fc28

Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It h as been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...

1.2AI score
Exploits0
Fedora
Fedora
added 2018/03/23 4:32 p.m.16 views

[SECURITY] Fedora 26 Update: monitorix-3.10.1-1.fc26

Monitorix is a free, open source and lightweight system monitoring tool designed to monitor as many services and system resources as possible. It h as been created to be used under production Linux/UNIX servers, but due to its simplicity and small size may also be used on embedded devices as well...

1.2AI score
Exploits0
Kitploit
Kitploit
added 2017/10/31 9:28 p.m.63 views

TROMMEL - Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: Secure Shell SSH key files Secure Socket Layer SSL key files Internet Protocol IP addresses Uniform Resource Locator URL email addresses shel...

9AI score
Exploits0References2
exploitpack
exploitpack
added 2017/10/17 12:0 a.m.30 views

shadowsocks-libev 3.1.0 - Command Execution

shadowsocks-libev 3.1.0 - Command Execution X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks...

7.6AI score
Exploits0
Prion
Prion
added 2017/10/12 3:29 p.m.19 views

Hardcoded credentials

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another...

4.3CVSS7.1AI score0.01305EPSS
Exploits0References7Affected Software23
Prion
Prion
added 2017/07/17 1:18 p.m.14 views

Authentication flaw

SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and handle the packets and does not ask for any si...

10CVSS9.6AI score0.02919EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2017/05/09 9:29 p.m.49 views

Internet Bug Bounty: CVE-2017-8798 - miniupnp getHTTPResponse chunked encoding integer signedness error

Integer signedness error in miniupnpc 1 allows remote attackers to cause a denial of service condition access violation and heap corruption via specially crafted HTTP response An integer signedness error was found in miniupnp's miniwget allowing an unauthenticated remote entity typically located ...

7.5CVSS9.3AI score0.24027EPSS
Exploits6
OpenVAS
OpenVAS
added 2017/04/11 12:0 a.m.19 views

Moxa AWK Series Devices Detection (HTTP)

HTTP based detection of Moxa AWK Series Devices Industrial Wireless LAN Solutions. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2017/03/29 10:0 a.m.21 views

'Anonymous' FTP Servers Leaving Healthcare Data Exposed

Hackers craving personal health care information are targeting exposed FTP servers. The FBI issued a warning last week that focused on an increase in criminal activity targeting FTP servers used by medical and dental organizations that are configured to allow anonymous access without...

0.8AI score
Exploits0References4
The Hacker News
The Hacker News
added 2017/02/21 12:47 a.m.16 views

KasperskyOS — Secure Operating System released for IoT and Embedded Systems

Russian cyber security and antivirus vendor Kaspersky Lab has made available the much awaited KasperskyOS, a secure-by-design operating system based on Microkernel architecture which is specially designed for network devices, industrial control systems and the Internet of Things. The operating...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2017/01/13 12:0 a.m.26 views

Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution

Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/01/13 12:0 a.m.69 views

Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution

Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0 Introduction Zeroshell is a small Linux distribution for...

7AI score
Exploits0
CNVD
CNVD
added 2016/10/12 12:0 a.m.4 views

INSIDE Secure MatrixSSL Denial of Service Vulnerability (CNVD-2016-09588)

INSIDE Secure MatrixSSL is an embedded, open source SSLv3 stack from INSIDE Secure, France, designed for small applications and devices. A denial of service vulnerability exists in MatrixSSL, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.7AI score0.01881EPSS
Exploits0References1
CERT
CERT
added 2016/10/11 12:0 a.m.35 views

MatrixSSL contains multiple vulnerabilities

Overview MatrixSSL, version 3.8.5 and earlier, contains heap overflow, out-of-bounds read, and unallocated memory free operation vulnerabilities. Description CWE-122: Heap-based Buffer Overflow - CVE-2016-6890The Subject Alt Name field of X.509 certificates is not properly parsed. A specially...

10CVSS8.7AI score0.06432EPSS
Exploits0References6
ThreatPost
ThreatPost
added 2016/10/05 8:51 a.m.8 views

IoT Botnets Are The New Normal of DDoS Attacks

If you’ve been on the wrong end of what passes for a modern-day DDoS attack, you’re well familiar with the firepower of the almighty DVR. That’s right, the innocuous set-top box responsible for the posterity of your Game of Thrones seasons 1-6 is behind some of the biggest swarming attacks agains...

Exploits0References6
ThreatPost
ThreatPost
added 2016/09/06 1:11 p.m.17 views

Number of Devices Sharing Private Crypto Keys Up Sharply

Researchers at SEC Consult say the number of internet gateways, routers, modems and other embedded devices sharing cryptographic keys and certificates is up 40 percent since the Austrian consulting firm first looked at the problem in November. The report, posted Tuesday called “House of Keys,”...

8.2AI score
Exploits0References3
Kitploit
Kitploit
added 2016/04/04 11:29 p.m.68 views

RouterSploit - Router Exploitation Framework

The RouteSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of various modules that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against...

8.1AI score
Exploits0References1
The Hacker News
The Hacker News
added 2016/03/30 11:25 p.m.12 views

Advanced Malware targeting Internet of the Things and Routers

Anything connected to the Internet could be hacked and so is the Internet of Things IoTs. The market fragmentation of IoTs or Internet-connected devices is a security nightmare, due to poor security measures implemented by their vendors. Now, the researchers at security firm ESET have discovered ...

6.8AI score
Exploits0
Rows per page
Query Builder