22 matches found
EUVD-2022-48347
Malicious code in bioql PyPI...
CVE-2022-45481
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45481
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45481
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
Default configuration
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
thisAAY Lazy Mouse 访问控制错误漏洞
thisAAY Lazy Mouse is a mouse application from thisAAY. A security vulnerability exists in versions prior to thisAAY Lazy Mouse 2.0.1, which stems from a default configuration that does not require a password and allows an unauthenticated remote user to execute arbitrary code without prior...
CVE-2022-45481
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45481
CVE-2022-45481 affects Lazy Mouse. The vulnerability arises from the default configuration that does not require a password, enabling remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS v3.1 base score 9.8 (CRITICAL); attack vector NETWORK; i...
CVE-2022-45481
The default configuration of Lazy Mouse does not require a password, allowing remote unauthenticated users to execute arbitrary code with no prior authorization or authentication. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45482
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45483
Lazy Mouse allows an attacker in a man in the middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...
CVE-2022-45483
Lazy Mouse allows an attacker in a man in the middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...
Code injection
Lazy Mouse allows an attacker in a man in the middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...
Time to uninstall! Abandoned Android apps pack a vulnerability punch
Synopsis has published an advisory warning of multiple vulnerabilities across three different Android remote mouse and keyboard apps with a combined install count of about two million. The apps are at risk from remote code execution RCE, and theres no sign of a fix coming anytime, ever. Bleeping...
Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely
Multiple unpatched vulnerabilities have been discovered in three Android apps that allow a smartphone to be used as a remote keyboard and mouse. The apps in question are Lazy Mouse, PC Keyboard, and Telepad, which have been cumulatively downloaded over two million times from the Google Play Store...
PT-2022-27539 · Unknown · Lazy Mouse
Name of the Vulnerable Software and Affected Versions: Lazy Mouse affected versions not specified Description: The issue allows an attacker in a man-in-the-middle position between the server and a connected device to see all data, including keypresses, in cleartext. Recommendations: At the moment...
thisAAY Lazy Mouse 安全漏洞
thisAAY Lazy Mouse is a mouse application from thisAAY. A security vulnerability exists in thisAAY Lazy Mouse that stems from the fact that it allows an attacker to view all data via a man-in-the-middle attack...
CVE-2022-45483
Lazy Mouse allows an attacker in a man in the middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...
CVE-2022-45482
Lazy Mouse server enforces weak password requirements and doesn't implement rate limiting, allowing remote unauthenticated users to easily and quickly brute force the PIN and execute arbitrary commands. CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
CVE-2022-45482
CVE-2022-45482 concerns the Lazy Mouse server, where the vulnerability is caused by weak password requirements and lack of rate limiting. This allows remote, unauthenticated attackers to brute force the PIN and potentially execute arbitrary commands. The core data sources describe the affected co...