Auerswald COMpact 8.0B Backdoors

Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Details =======...

Wind River VxWorks Resource Management Error Vulnerability

Wind River VxWorks is an operating system from Wind River, Inc. the industry-leading real-time operating system for building embedded devices and systems. A security vulnerability exists in VxWorks 6.9 through 7, which stems from a specially designed packet in the IKE component that could result ...

14 security vulnerabilities reported in BusyBox Linux utility

By Deeba Ahmed For your information, BusyBox is generally used by embedded devices like IoT products or ICS industrial control systems. This is a post from HackRead.com Read the original post: 14 security vulnerabilities reported in BusyBox Linux utility...

14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices

Cybersecurity researchers on Tuesday disclosed 14 critical vulnerabilities in the BusyBox Linux utility that could be exploited to result in a denial-of-service DoS condition and, in select cases, even lead to information leaks and remote code execution. The security weaknesses, tracked from...

Multiple BusyBox Security Bugs Threaten Embedded Linux Devices

Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux applications, all of which allow for denial of service DoS and 10 that also enable remote code execution RCE, they said. One of the flaws also could allow devices to leak info, according to...

Schneider Electric Nmc Embedded Devices 跨站脚本漏洞

The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...

Schneider Electric Nmc Embedded Devices 跨站脚本漏洞

The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...

Schneider Electric Nmc Embedded Devices 信息泄露漏洞

Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. An information disclosure vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices, which can be exploited by an attacker to gain access to a troubleshooting...

Schneider Electric Nmc Embedded Devices 跨站脚本漏洞

The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices that can be exploited by an attacker to execute arbitrary script...

Siemens Nucleus 安全漏洞

Capital VSTAR is a complete solution. the Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. the Nucleus RTOS is a microkernel-based real-time operating...

Schneider Electric Nmc Embedded Devices 跨站脚本漏洞

The Schneider Electric Nmc Embedded Devices are a type of Nmc Embedded Devices from Schneider Electric France. A cross-site scripting vulnerability exists in Schneider Electric Nmc Embedded Devices and NMC Embedded Devices, which can be exploited by an attacker to execute arbitrary script when...

Schneider Electric NMC cards and Embedded Devices

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Network Management Cards NMC and NMC Embedded Devices Vulnerabilities: Cross-site Scripting, Exposure of Sensitive Information to an Unauthorized Actor 2. RISK EVALUATION...

BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released

The embargo period is over for a proof-of-concept PoC tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. BrakTooth is a collection of flaws affecting commercial...

Oracle Java SE and Oracle GraalVM Enterprise Edition Denial of Service Vulnerability (CNVD-2021-81803)

Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...

Oracle Java SE and Oracle GraalVM Enterprise Edition Denial of Service Vulnerability (CNVD-2021-81805)

Java SE stands for Java Platform Standard Edition and is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments.Oracle GraalVM Enterprise Edition is an Oracle-based multilingual virtual machine for enterprise Java SE. A denial of servic...

OpenWrt Cross-Site Scripting Vulnerability

OpenWrt is a Linux operating system for embedded devices. A cross-site scripting vulnerability exists in the OpenWrt luci web-interface, which stems from insufficient cleanup of user-supplied data when processing hostnames in the OpenWrt luci web-interface. A remote attacker could inject and...

ACRN post-release reuse vulnerability (CNVD-2021-49149)

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A post-release reuse vulnerability exists in the polling timer handler in ACRN related to devicemodel/hw/pci/virtio/.c. The vulnerability is not known. No detailed...

ACRN Null Pointer Dereference Vulnerability

ACRN is an open source project released by the Linux Foundation, a hypervisor designed for IoT and embedded devices. A null pointer dereference vulnerability exists in virtionetpingrxq in devicemodel/hw/pci/virtio/virtionet.c in versions prior to ACRN 2.5. No details of the vulnerability are...

ACRN 资源管理错误漏洞

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. A post-release reuse vulnerability exists in the polling timer handler in ACRN related to devicemodel/hw/pci/virtio/.c. The vulnerability is not known. No detailed...

ACRN 资源管理错误漏洞

ACRN is an open source project released by the Linux Foundation, which is a hypervisor designed for IoT and embedded devices. Device Model in ACRN suffers from a devicemodel/core/mem.c post-release reuse vulnerability. No details of the vulnerability are available at this time...