Remote Command Execution Vulnerability in iGuardian Security Guardian

iGuardian is a router-based application embedded in the Linux operating system, with Snort an intrusion detection system as an embedded command-and-control system. A remote command execution vulnerability exists in the iGuardian Security/apps/login.php file. This allows an attacker to remotely...

Security Update for Windows Embedded 8 Standard for x64-based Systems (KB3168965)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Open Smart Grid Protocol Homegrown Crypto Weaknesses

In the three years since its inception, the Open Smart Grid Protocol has found its way into more than four million smart meters and similar devices worldwide. And like its SCADA, industrial control system, and embedded system brethren, it’s rife with security issues. Two researchers, Phillip...

With Misfortune-Cookies-doom cookies to ROM-0 Bug patch-vulnerability warning-the black bar safety net

This article is just for fun, especially to those who like to adjust the system's embedded hack. So this is not a legitimate fix ROM-0 Bugs means fun is by one bug to fix another bug. Let's open thebeginning to find our fun. As I an article the Misfortune Cookie decryption of the write, we can be...

Webgate Buffer Overflow

Webgate technology is focused on digital image processing, embedded system design and networking to produce embedded O/S and web server cameras providing real time images. We are also making superior network stand-alone DVRs by applying our accumulated network and video solution knowledge. WEBGAT...

VxWorks WDB Agent 远程内存读取漏洞

VxWorks安全初探 404@KnownSec --- 0x00 前言 --- 关于VxWorks，这里引用44CON议题《攻击 VxWorks：从石器时代到星际》探究 一文章中的介绍： VxWorks 是世界上使用最广泛的一种在嵌入式系统中部署的实时操作系统，是由美国WindRiver公司（简称风河公司，即WRS 公司）于1983年设计开发的。其市场范围跨越所有的安全关键领域，仅举几例，包括火星好奇心流浪者、波音787梦幻客机、网络路由器。这些应用程序的安全高危性质使得VxWorks的安全被高度关注。 VxWorks操作系统是由美国Wind...

Samsung DVR authentication bypass

Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...

bzexe /tmp Race Condition

Hi Packetstorm, This PoC exploit was developed after a discussion on Full-disclosure mailing list, where http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862 was proved to be exploitable. A user can wait until a binary that was compressed with bzexe is run by root and execute /tmp/exec. This...

Simple HTTPd 1.42 PUT Request Remote Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits !/usr/bin/env python part of femtocell research by TU-Berlin only for educational purposes Exploit Title: remote root on sfr/ubiquisys femtocell webserver wsal/shttpd/mongoose Author: nion Software: http://code.google.com/p/mongoose/...

Tomcat remote denial of service vulnerability analysis(CVE-2 0 1 0-2 2 2 7)-vulnerability warning-the black bar safety net

The present article is an analysis of the POC process, the pressure of the N months, and now before the issue. Using the analysis of POC, Tomcat in addition to the latest versionsee the specific website, and JBOSS in addition to the latest version, can fight, POC see the article. JBOSS official h...

MonGoose 2.4 Directory Traversal Vulnerability

MonGoose 2.4 win webserver Directory Traversal By: e.wiZz! Site: www.balcansecurity.com Found with ServMeNot world's sexiest fuzzer :P In the wild... Info: Easy to use web server for Windows and UNIX. Mongoose provides simple and clean API for embedding it into existing programs. Targeting Web...

Avocent KVM Over IP Switch Detection

The remote host is an Avocent KVM over IP switch that provides for control of connected servers and devices. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid29923; scriptversion"1.12"; scriptnameenglish:"Avocent KVM Over IP Switch Detection"; scriptsummaryenglish:"Loo...

2018-02 Security Monthly Quality Rollup for Windows Embedded Standard 7 for x64-based Systems (KB4074598)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2019-11 Cumulative Security Update for Internet Explorer 11 for Windows Embedded 8 Standard for x64-based systems (KB4525106)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Update for Windows Embedded 8 Standard for x64-based Systems (KB4130978)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

2019-10 Cumulative Security Update for Internet Explorer 11 for Windows Embedded 8 Standard for x86-based systems (KB4524135)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2020-01 Cumulative Security Update for Internet Explorer 11 for Windows Embedded Standard 7 for x64-based systems (KB4534251)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...