3290 matches found

Cvelist
added 2022/02/04 10:33 p.m., 23 views

CVE-2018-25029

The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability CVE-2013-20003 to intercept and spoof traffic...

AI score: 8, EPSS: 0.00607
Exploits: 1, References: 2
OSV
added 2022/02/04 2:15 a.m., 3 views

CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

CVSS: 7.5, AI score: 5.8, EPSS: 0.03739
Exploits: 1, References: 1
Prion
added 2022/02/04 2:15 a.m., 14 views

Design/Logic Flaw

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

CVSS: 5, AI score: 7.7, EPSS: 0.03739
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2022/02/04 1:33 a.m., 16 views

CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software...

AI score: 7.9, EPSS: 0.03739
Exploits: 1, References: 1
CNNVD
added 2022/02/04 12:0 a.m., 2 views

Z-Wave Security Vulnerability

Z-Wave is a wireless communication protocol used primarily for home automation. It is a mesh network that uses low power consumption radio waves to communicate from device to device to wirelessly control appliances and other devices in the home, such as controlling lighting, security systems,...

CVSS: 8.1, AI score: 7.7, EPSS: 0.00607
Exploits: 1, References: 3
CNNVD
added 2022/02/04 12:0 a.m., 4 views

TotoLink X5000R Authorization Issue Vulnerability

The TotoLink X5000R is a router from China's Gion Electronics TotoLink. The TOTOLINK X5000R v9.1.0u.6118B20201102 suffers from an authorization issue vulnerability that allows attackers to intercept user credentials via packet capture software...

CVSS: 7.5, AI score: 7.4, EPSS: 0.03739
Exploits: 1, References: 2
0day.today
added 2022/02/03 12:0 a.m., 455 views

Feberr 12.7 Shell Upload Vulnerability

Exploit Title: Feberr - Multivendor Digital Products Marketplace arbitrary file upload Version 12.7 Google Dork: N/A Exploit Author: Sohel Yousef - email protected Software Link: https://www.codester.com/items/14224/feberr-multivendor-digital-products-marketplace Software link 2...

AI score: 7.4
Exploits: 0
CNNVD
added 2022/02/03 12:0 a.m., 3 views

Cisco Small Business Buffer Error Vulnerability

Cisco Small Business is a switch from Cisco USA. A buffer error vulnerability exists in the Cisco Small Business RV Series routers, which results from improper validation of an SSL server certificate received when establishing a connection to a specific remote server. An attacker could exploit th...

CVSS: 10, AI score: 5.7, EPSS: 0.02151
Exploits: 0, References: 4
Prion
added 2022/02/01 1:15 p.m., 12 views

Design/Logic Flaw

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

CVSS: 4.3, AI score: 5.7, EPSS: 0.02626
Exploits: 1, References: 2, Affected Software: 1
OSV
added 2022/01/28 8:15 p.m., 2 views

CVE-2021-22811

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Uninterruptible Power Supply UP...

CVSS: 6.1, AI score: 5.9, EPSS: 0.00718
Exploits: 0, References: 1
Positive Technologies
added 2022/01/27 12:0 a.m., 5 views

PT-2022-2697

Name of the Vulnerable Software and Affected Versions cURL affected versions not specified Description The issue is related to the implementation of the HSTS HTTP Strict Transport Security mechanism in the cURL utility. It could be bypassed if the hostname in the given URL used a trailing dot whi...

CVSS: 9.8, AI score: 6.6, EPSS: 0.26915
Exploits: 6, References: 293
Schneier on Security
added 2022/01/21 12:6 p.m., 17 views

China’s Olympics App Is Horribly Insecure

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes. Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, ha...

AI score: 7.2
Exploits: 0
ATTACKERKB
added 2022/01/18 2:26 p.m., 4 views

CVE-2022-22690

Within the Umbraco CMS, a configuration element named "UmbracoApplicationUrl" or just "ApplicationUrl" is used whenever application code needs to build a URL pointing back to the site. For example, when a user resets their password and the application builds a password reset URL or when the...

CVSS: 8.6, AI score: 7.2, EPSS: 0.01138
Exploits: 2, References: 2
Kitploit
added 2022/01/17 8:30 p.m., 420 views

reFlutter - Flutter Reverse Engineering Framework

This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has snapshot deserialization process modified to allow you to perform dynamic analysis in a convenient way. Key features:...

AI score: 7.5
Exploits: 0, References: 7
Huntr
added 2022/01/17 10:9 a.m., 20 views

Improper Access Control in janeczku/calibre-web

Description With default settings, low-level users will not have permission to create new shelf with public mode. However, due to incorrect checking, the function does not work as intended. Steps To Reproduce - Step 1: Login with admin account and go to http://hostname:8083/admin/user/new. Create...

CVSS: 4, AI score: 5.2, EPSS: 0.0066
Exploits: 1
Kaspersky
added 2022/01/11 12:0 a.m., 23 views

KLA12420 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1. Cross-site scripting XSS vulnerability in Microsoft Dynamics 365 Customer...

CVSS: 7.6, AI score: 5.2, EPSS: 0.01506
Exploits: 0, References: 5
Malwarebytes
added 2022/01/10 11:58 a.m., 18 views

A week in security (January 3 – 9)

Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days Patchwork APT caught in its own web Sophisticated phishing scheme spent years robbing authors of their unpublished work Google and Facebook fined $240 million for making cookies hard to...

AI score: 0.1
Exploits: 0
Hacker One
added 2022/01/02 9:42 p.m., 17 views

GitLab: Gitlab Pages token theft using service workers

Summary It is possible to steal Gitlab Pages session tokens by intercepting requests to the /auth endpoint on a Pages site using service workers. Attack Flow Setup 1. The attacker creates a private Gitlab Pages site at the root of their user page attacker.gitlab.io, ensuring that the project is...

AI score: 0.6
Exploits: 0
OSV
added 2021/12/29 1:15 p.m., 2 views

CVE-2021-35034

An insufficient session expiration vulnerability in the CGI program of the Zyxel NBG6604 firmware could allow a remote attacker to access the device if the correct token can be intercepted...

CVSS: 9.1, AI score: 7.3, EPSS: 0.01044
Exploits: 0, References: 1
CVE
added 2021/12/29 12:36 p.m., 48 views

CVE-2021-35034

Zyxel NBG6604 firmware CGI program has an insufficient session expiration vulnerability that can let a remote attacker access the device if the correct token is intercepted. Impact is unauthorized access via the network; exploitation is network-based with no user interaction. No explicit remediat...

CVSS: 9.1, AI score: 9, EPSS: 0.01044
Exploits: 0, References: 1, Affected Software: 1