CVE-2021-20153

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent functionality. If enabled, the bittorrent functionality is vulnerable to a symlink attack that could lead to remote code execution on the device. If an end user inserts a flash drive with a malicious...

CVE-2021-20153

CVE-2021-20153 affects Trendnet AC2600 TEW-827DRU (firmware version 2.08B01). The issue is a symlink vulnerability in the bittorrent functionality that could allow a remote code execution on the device. If a user inserts a flash drive containing a malicious symlink that the bittorrent client can ...

EulerOS Virtualization 3.0.2.0 : rpm (EulerOS-SA-2021-2823)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a...

[SECURITY] Fedora 34 Update: gnome-shell-extensions-40.5-1.fc34

GNOME Shell Extensions is a collection of extensions providing additional and optional functionality to GNOME Shell. Enabled extensions: apps-menu auto-move-windows drive-menu launch-new-instance native-window-placement places-menu screenshot-window-sizer user-theme window-list windowsNavigator...

FreeBSD : OpenSearch -- Log4Shell (b0f49cb9-6736-11ec-9eea-589cfc007716)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b0f49cb9-6736-11ec-9eea-589cfc007716 advisory. - It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain...

PT-2021-7280

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration ZCS versions 8.8.15 through 9.0 Description: The issue concerns the mboximport functionality in Zimbra Collaboration, which allows an authenticated user with administrator rights to upload arbitrary files to the system,...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2805)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-Site Request Forgery (CSRF) in opensourcepos/opensourcepos

Description CSRF on logout functionality. Attacker able to logout the user by sending malicious link Proof of Concept Impact This vulnerability is capable of logout the user session Note This is not an attack, it is a kind of annoyance to the user , though it is a valid csrf . By Using post metho...

Command injection

An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2021-21883

Lantronix PremierWave 2050 Web Manager Diagnostics: Ping is affected by an OS command injection (CVE-2021-21883). A specially crafted authenticated HTTP request can trigger execution of arbitrary OS commands with root privileges via the unsanitized host parameter used to build the nd ic6 command,...

CVE-2021-21883

An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

A vault can be locked from MarketplaceZap and StakingZap

Handle p4st13r4 Vulnerability details Impact Any user that owns a vToken of a particular vault can lock the functionalities of NFTXMarketplaceZap.sol and NFTXStakingZap.sol for everyone. Every operation performed by the marketplace, that deals with vToken minting, performs this check:...

Unused WJLP can't be simply unwrapped

Handle kenzo Vulnerability details WJLP can only be unwrapped from the Active Pool or Stability Pool. A user who decided to wrap his JLP, but not use all of them in a trove, Wouldn't be able to just unwrap them. Impact Impaired functionality for users. Would have to incur fees for simple...

mySCADA myPRO

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: mySCADA Equipment: myPRO Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Use of Password Hash with Insufficient Computational Effort, Hidden Functionality, OS Command...

Updated log4j packages fix security vulnerability

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map MDC input data when the logging configuration uses a non-default Pattern Layout with either a Context...

MGASA-2021-0566 Updated log4j packages fix security vulnerability

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map MDC input data when the logging configuration uses a non-default Pattern Layout with either a Context...

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

Description livehelperchat is vulnerable to stored XSS in users profile setting where username, password, repeat password, nickname, name, surname, job title fields are vulnerable to stored XSS. Proof of Concept this.constructor.constructor'alert"foo"' Enter the given payload in the above-mention...

PseudoManuscrypt: a mass-scale spyware attack campaign

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT groups arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different countries. These attacks are described in th...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:4099-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:4099-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local...

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

As if finding one easily exploited and extremely dangerous flaw in the ubiquitous Java logging library Apache Log4j hadn’t already turned the Internet security community on its ear, researchers now have found a new vulnerability in Apache’s patch issued to mitigate it. Last Thursday security...