CVE-2012-4933

The rtrlet web application in the Web Console in Novell ZENworks Asset Management ZAM 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the 1 GetFilePassword and 2 GetConfigInfoPassword operations, which allows remote attackers to obtain sensitive information via a...

Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities

Visual Tools DVR3.0.6.16 vx series 4.2.19.2 - Multiple Vulnerabilities Exploit Title: Visual Tools DVR multiple vulnerabilities Date: 2012-10-15 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.visual-tools.com/ Version: VS Series = 3.0.6.16, VX Series = 4.2.19.2 Tested on: VS Series...

BigPond 3G21WB - Multiple Vulnerabilities

BigPond 3G21WB - Multiple Vulnerabilities Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPo...

BigPond 3G21WB Multiple Vulnerabilities

Exploit for hardware platform in category web applications Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection...

BigPond 3G21WB security vulnerabilities

Hard coded credentials, commands injection...

BigPond 3G21WB - Multiple Vulnerabilities

Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB Discovery date: 17/09/2012 Relea...

SCADA Hacking : Exploit released to Hack Solar Energy Plants

ICS-CERT - Industrial Control Systems Cyber Emergency Response Team has released the Advisory titled ICS-ALERT-12-284-01 - Sinapsi eSolar Light Multiple Vulnerabilities. They Report about report multiple vulnerabilities with proof-of-concept PoC exploit code that affecting the Sinapsi eSolar Ligh...

BigPond 3G21WB Hardcoded Credentials / Command Injection

Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB Discovery date: 17/09/2012 Relea...

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...

PT-2015-12: Privilege Gaining in Siemens SIMATIC WinCC (TIA Portal)

The specialists of the Positive Research center have detected a Privilege Gaining vulnerability in Siemens SIMATIC WinCC TIA Portal. Vulnerability exists due to a hard coded encryption key in WinCC RT Professional, which allows remote attackers to obtain sensitive information and escalate their...

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server...

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

Ezylog Photovoltaic Management Server Multiple Vulnerabilities

Exploit for php platform in category web applications Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date:...

Ezylog Photovoltaic Management SQL Injection / Command Injection

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

HP SAN/iQ Virtual SAN Appliance Multiple Parameters Command Execution Vulnerabilities

HP SAN/iQ Virtual SAN Appliance is prone to multiple command execution vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Sinapsi Devices Vulnerabilities

Overview This advisory is a follow-up to the alert titled ICS-ALERT-12-284-01—Sinapsi eSolar Light Vulnerabilities that was published October 10, 2012. Independent researchers Roberto Paleari and Ivan Speziale identified four vulnerabilities and released proof-of-concept exploit code for the...

Korenix Jetport 5600 Series Hard-coded Credentials

Overview This advisory provides mitigation details for a vulnerability that impacts the Korenix JetPort 5600. Independent researcher Reid Wightman of Digital Bond identified undocumented hard-coded root credentials in the firmware of the Korenix JetPort 5600 system application without coordinatio...

Siemens Simatic S7-300 PLC Remote Memory Viewer

Exploit Title: Siemens Simatic S7 300 Remote Memory Viewer Backdoor Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3 'Siemens Simatic S7-300 PLC Remote Memory Viewer',...

Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit)

Exploit Title: Siemens Simatic S7 300 Remote Memory Viewer Backdoor Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class Metasploit3 'Siemens Simatic S7-300 PLC Remote Memory Viewer',...

Siemens Simatic S7-300 - PLC Remote Memory Viewer (Metasploit)

Siemens Simatic S7-300 - PLC Remote Memory Viewer Metasploit Exploit Title: Siemens Simatic S7 300 Remote Memory Viewer Backdoor Date: 7-13-2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.siemens.com/ Tested on: Siemens Simatic S7-1200 PLC CVE : None require 'msf/core' class...