569 matches found
FortiCam FCM-MB40 Code Execution / Privilege Escalation
Original posting: https://xor.cat/2019/06/19/fortinet-forticam-vulns/ Background In March of 2019 I discovered five vulnerabilities in Fortinet's FortiCam FCM-MB401 product. Part-way through disclosing this vulnerability, I discovered that the FCM-MB40 is manufactured by a company called Dynacolo...
CVE-2019-5627 BlueCats Reveal iOS App Insecure Storage
The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. clear text. These persist in the cache even if the user logs out. This can allow an attacker to compromise the affected BlueCats network implementation. The...
CVE-2019-5626 BlueCats Reveal Android App Insecure Storage
The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage 30 days of no user activity. This can allow an attacker to compromise the affected BlueCats networ...
CVE-2019-5625 Eaton Halo Home Android App Insecure Storage
The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. This file persists until the user logs out of the application and reboots the device. This vulnerability can allow an attacker to impersonate the legitimate user by...
CVE-2019-11384
The Zalora application 6.15.1 for Android stores confidential information insecurely on the system i.e. plain text, which allows a non-root user to find out the username/password of a valid user via /data/data/com.zalora.android/sharedprefs/logindata.xml...
CVE-2019-11384
The Zalora application 6.15.1 for Android stores confidential information insecurely on the system i.e. plain text, which allows a non-root user to find out the username/password of a valid user via /data/data/com.zalora.android/sharedprefs/logindata.xml...
Authentication Bypass Bug Hits Top Enterprise VPNs
UPDATE VPN apps built by four vendors — Cisco, F5 Networks, Palo Alto Networks and Pulse Secure — improperly store authentication tokens and session cookies without encryption on a user’s computer, according to an alert from the U.S. government’s Cybersecurity and Infrastructure Security Agency...
Multiple VPN applications insecurely store session cookies
A research of Software Engineering Institute of the Carnegie Mellon University shows that multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. CVE: CVE-2019-1573 CVE-2016-8201 Last updated: April 12, 2019, 8:17 p.m...
VPN applications insecurely store session cookies
Overview Multiple Virtual Private Network VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. Description Virtual Private Networks VPNs are used to create a secure connection with another network over the internet. Multiple VPN applications stor...
Versa Networks: Passwords Stored Insecurely
In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation function prior to storage. Popular hashing algorithms based on the Merkle-Damgardconstruction such as MD5 and SHA-1 alone are insufficient in thwarting password...
Mail.ru: Insecure Storage and Overly Permissive Google Maps API Key in Android App
Google API keys used in Cloud Mail.Ru for Android application were not properly limited in functionality...
PHOENIX CONTACT FL SWITCH
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: PHOENIX CONTACT Equipment: FL SWITCH Vulnerabilities: Cross-site Request Forgery, Improper Restriction of Excessive Authentication Attempts, Cleartext Transmission of Sensitive Information, Resourc...
CVE-2016-4644
In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue was addressed by storing the authentication types with the credentials...
GitLab CE/EE Sensitive Information Plaintext Storage Vulnerability
GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github for accessing the contents of a project's files, commit history, bug lists, and more. A sensitive informati...
CVE-2018-15123
Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows remote attacker perform new attack vectors and take under control device and smart home...
CVE-2018-11544
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/sharedprefs/com.theolivetree.ftpserverpreferences.xml file as the prefUsername and prefUserpass strings...
BeaconMedaes Scroll Medical Air Systems TotalAlert Web Application Information Disclosure Vulnerability (CNVD-2018-10605)
BeaconMedaes Scroll Medical Air Systems is a medical surgical air system from BeaconMedaes, Inc. and TotalAlert Web Application is a web-based management program. A security vulnerability exists in the TotalAlert Web Application in the BeaconMedaes Scroll Medical Air Systems. An attacker could...
CVE-2017-5250
In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner...
CVE-2017-5249
In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner...
CVE-2017-5249
In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner...