4619 matches found
JVN#68773685: AQUOS PhotoPlayer HN-PP150 vulnerable to denial-of-service (DoS)
AQUOS PhotoPlayer HN-PP150 contains an issue in the processing of packets, which may lead to a denial-of-service DoS. Impact Network functions may be disabled by a remote attacker. Solution Update the Firmware Update to the latest version of firmware according to the information provided by the...
OS-Command Injection via UPnP Interface in multiple D-Link devices
Vendor: D-Link Devices: DIR-300 rev B / DIR-600 rev B / DIR-645 / DIR-845 / DIR-865 / DAP1522 ============ Vulnerable Firmware Releases: ============ DIR-300 rev B - 2.14b01 DIR-600 - 2.16b01 DIR-645 - 1.04b01 DIR-845 - 1.01b02 DIR-865 - 1.05b03 Other devices and firmware versions may be also...
U.S Emergency broadcast System vulnerable to hackers
A major vulnerability has been discovered in the U.S. Emergency Alert System, researchers have warned.that could allow hackers to break into the system and broadcast fake messages to the United States. According to a new report by security firm IOActive, U.S. Emergency Alert System, the system us...
U.S Emergency broadcast System vulnerable to hackers
A major vulnerability has been discovered in the U.S. Emergency Alert System, researchers have warned.that could allow hackers to break into the system and broadcast fake messages to the United States. According to a new report by security firm IOActive, U.S. Emergency Alert System, the system us...
D-Link - OS-Command Injection via UPnP Interface
D-Link - OS-Command Injection via UPnP Interface Title: OS-Command Injection via UPnP SOAP Interface in multiple D-Link devices Vendor: D-Link Devices: DIR-300 rev B / DIR-600 rev B / DIR-645 / DIR-845 / DIR-865 ============ Vulnerable Firmware Releases: ============ DIR-300 rev B - 2.14b01 DIR-6...
Stable Channel Update for Chrome OS
The Stable channel has been updated to 27.0.1453.116 Platform version: 3912.101.0 for all Chrome OS devices. This build contains a number of stability fixes and security improvements. Machines will be receiving updates over then next several days. Release Highlights: Pepper Flash updated to...
Hard-Coded Credentials Found in TURCK ICS Devices
Hard-coded credentials are a longstanding security no-no, but they’re also an ever-present reality because of developers and IT managers who require remote access to networks and systems for troubleshooting purposes. The level of risk in such cases depends on the system in question. But one thing...
Huawei SNMPv3 Buffer Overflow
Multiple buffer overflows on Huawei SNMPv3 service ================================================== ADVISORY INFORMATION Title: Multiple buffer overflows on Huawei SNMPv3 service Discovery date: 11/02/2013 Release date: 06/05/2013 Credits: Roberto Paleari [email protected], @rpaleari...
DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal
Title ----- DDIVRT-2013-52 Dell EqualLogic PS6110X Directory Traversal Severity -------- High Discovered By ------------- Evan Sylvester and r@b13$ Date Discovered --------------- February 19, 2013 Vulnerability Description ------------------------- The Dell EqualLogic PS6110X is vulnerable to a...
D-Link DSL-320B - Multiple Vulnerabilities
Device: DSL-320B Firmware Version: EUDSL-320B v1.23 date: 28.12.2010 Vendor URL: http://www.dlink.com/de/de/home-solutions/connect/modems-and-gateways/dsl-320b-adsl-2-ethernet-modem ============ Vulnerability Overview: ============ Access to the Config file without authentication = full...
Cisco IKE Implementation Group Name Enumeration
Trustwave SpiderLabs Security Advisory TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation https://www.trustwave.com/spiderlabs/advisories/TWSL2013-004.txt Published: 04/18/13 Version: 1.0 Vendor: Cisco www.cisco.com Product: ASA Adaptive Security Appliance Versions...
PT-2013-86: Denial of Service in Siemens SIMATIC S7-1500 CPU PLC
The specialists of the Positive Research center have detected a Denial of Service vulnerability in Siemens SIMATIC S7-1500 CPU PLC. Specially crafted Profinet packets sent to the affected device might cause the device to go into defect mode. A cold restart is required to recover the system. The...
PT-2013-88: Denial of Service in Siemens SIMATIC S7-1200 CPU PLC
The specialists of the Positive Research center have detected a Denial of Service vulnerability in Siemens SIMATIC S7-1200 CPU PLC. An attacker could cause the device to go into defect mode if specially crafted PROFINET packets are sent to the device. A cold restart is required to recover the...
Multiple Vulnerabilities in D-Link devices
Device Name: DIR-600 / DIR-300 revB / DIR-815 / DIR-645 / DIR-412 / DIR-456 / DIR-110 Vendor: D-Link ============ Vulnerable Firmware Releases: ============ DIR-815 v1.03b02 unauthenticated command injection DIR-645 v1.02 unauthenticated command injection DIR-645 v1.03 authenticated command...
D-Link - Multiple Vulnerabilities
D-Link - Multiple Vulnerabilities Exploit Title: Multiple Vulnerabilities in Dlink devices Date: 05.04.2013 Exploit Author: m-1-k-3 Vendor Homepage: http://www.dlink.de Software Link:...
Belkin Wemo - Arbitrary Firmware Upload
Exploit Title: Belkin Wemo Arbitrary Firmware Vulnerability Date: 4/3/13 Exploit Author: Daniel Buentello Vendor Homepage: http://www.belkin.com/us/wemo Version: Any version prior to WeMoUS2.00.2176.PVT CVE : CVE-2013-2748 POST /upnp/control/firmwareupdate1 HTTP/1.1 SOAPACTION:...
Belkin Wemo Arbitrary Firmware Upload
Exploit Title: Belkin Wemo Arbitrary Firmware Vulnerability Date: 4/3/13 Exploit Author: Daniel Buentello Vendor Homepage: http://www.belkin.com/us/wemo Version: Any version prior to WeMoUS2.00.2176.PVT CVE : CVE-2013-2748 Hello Im independently working with Mitre and Belkin on this matter so...
HPSBHF02865 SSRT101158 rev.2 - HP ElitePad 900, Secure Boot Configuration Inconsistency
Potential Security Impact Secure Boot configuration inconsistency VULNERABILITY SUMMARY A potential vulnerability has been identified with certain HP ElitePad tablet PCs. The secure boot feature of the BIOS may not be enabled, allowing alternate operating systems to be booted in contradiction wit...
Multiple NEC mobile routers vulnerable to cross-site request forgery
Overview Multiple mobile routers provided by NEC contain a cross-site request forgery vulnerability. Multiple mobile routers provided by NEC contain a vulnerability in web-based management utility, which may result in a cross-site request forgery. Sen UENO of Tricorder Co. Ltd., Hiroshi Kumagai a...
JVN#59503133: Multiple NEC mobile routers vulnerable to cross-site request forgery
Multiple mobile routers provided by NEC contain a vulnerability in web-based management utility, which may result in a cross-site request forgery. Impact If a user views a malicious page while logged in, settings of the product may be initialized, or the product may be rebooted. Solution Update t...