76 matches found
EUVD-2017-12030
Malware in sbrugna...
EUVD-2017-3669
Malware in sbrugna...
EUVD-2017-3670
Malware in sbrugna...
EUVD-2017-12023
Malware in sbrugna...
EUVD-2017-12057
Malware in sbrugna...
EUVD-2017-12031
Malware in sbrugna...
EUVD-2017-12058
Malware in sbrugna...
EUVD-2017-3681
Malware in sbrugna...
EUVD-2017-12056
Malware in sbrugna...
EUVD-2017-12053
Malware in sbrugna...
EUVD-2017-3680
Malware in sbrugna...
PT-2024-27785 · Nepstech · Nepstech Wifi Router Xpon
Name of the Vulnerable Software and Affected Versions: Nepstech Wifi Router xpon terminal NTPL-Xpon1GFEVN, hardware version 1.0, firmware version 2.0.1 Description: The issue allows a remote attacker to execute arbitrary code via the router's Telnet port 2345 without requiring authentication...
Design/Logic Flaw
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this...
CVE-2017-12095
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this...
CVE-2017-12095
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1. A series of WiFi packets can force Circle to setup an Access Point with default credentials. An attacker needs to send a series of spoofed "de-auth" packets to trigger this...
CVE-2017-12095
The CVE-2017-12095 entry concerns Circle with Disney firmware 2.0.1 where the WiFi Access Point can be forced to become an AP with a default credential set. Talos details show exploitation via a de-auth packet sequence to trigger circle_ap.sh up, which launches hostapd with a fixed SSID Circle-, ...
Circle with Disney Apid Strstr Authentication Bypass Vulnerability(CVE-2017-2914)
Summary An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs...
Circle with Disney Apid Server Fork Denial of Service VulnerabilityI(CVE-2017-2889)
Summary An exploitable Denial of Service vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A large amount of simultaneous TCP connections causes the APID daemon to repeatedly fork, causing the daemon to run out of memory and trigger a device reboot. An attacker...
Circle with Disney check_circleservers Code Execution Vulnerability(CVE-2017-2882)
Summary An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order...
Circle with Disney Restore API Command Injection Vulnerability(CVE-2017-2890)
Summary An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause an OS command injection. An attacker can send an HTTP request trigger this vulnerability. Tested Versions Circle with Disn...