59 matches found
Design/Logic Flaw
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...
CVE-2023-33294
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...
PT-2023-23261 · Snap One · Ovrc Pro
Name of the Vulnerable Software and Affected Versions: Snap One OvrC Pro versions prior to 7.2 Description: The issue concerns a locally running web server in Snap One OvrC Pro that is accessible from both the local network and remotely. Additionally, there is a hidden superuser account in OvrC...
CVE-2023-33293
CVE-2023-33293 affects KaiOS 3.0 and 3.1. The /system/kaios/api-daemon binary hosts a local web server at *.localhost with per-application subdomains (e.g., myapp.localhost). A malicious user can issue requests to the api-daemon to check whether a specific app is installed and to read manifest.we...
CVE-2023-33294
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...
CVE-2023-33293
An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...
CVE-2023-33293
An issue was discovered in KaiOS 3.0 and 3.1. The binary /system/kaios/api-daemon exposes a local web server on .localhost with subdomains for each installed applications, e.g., myapp.localhost. An attacker can make fetch requests to api-deamon to determine if a given app is installed and read th...
Ultimaker 3D printer 安全漏洞
The Ultimaker 3D printer is a range of powerful, professional 3D printers from Dutch company Ultimaker. A security vulnerability exists in several Ultimaker products that originates from a local web server that can be used for clickjacking...
CVE-2021-3790
A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device...
PowerTools
This repository is an offensive tool for PowerShell exploitation. It contains a collection of scripts that utilize a common pattern to host a script on a PowerShell webserver, invoke the IEX download cradle to download/execute the target code and post the results back to the server, and then...
CVE-2019-18894
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently...
Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw
The chaos and panic that the disclosure of privacy vulnerability in the highly popular and widely-used Zoom video conferencing software created earlier this week is not over yet. As suspected, it turns out that the core issue—a locally installed web server by the software—was not just allowing an...
Flaw in Zoom Video Conferencing Software Lets Websites Hijack Mac Webcams
If you use Zoom video conferencing software on your Mac computer—then beware—any website you're visiting in your web browser can turn on your device camera without your permission. Ironically, even if you had ever installed the Zoom client on your device and simply uninstalled it, a remote attack...
CVE-2019-13028
An incorrect implementation of a local web server in eID client Windows version before 3.1.2, Linux version before 3.0.3 allows remote attackers to execute arbitrary code .cgi, .pl, or .php or delete arbitrary files via a crafted HTML page. This is a product from the Ministry of Interior of the...
Design/Logic Flaw
An incorrect implementation of a local web server in eID client Windows version before 3.1.2, Linux version before 3.0.3 allows remote attackers to execute arbitrary code .cgi, .pl, or .php or delete arbitrary files via a crafted HTML page. This is a product from the Ministry of Interior of the...
Pre-Installed Software Flaw Exposes Most Dell Computers to Remote Hacking
If you use a Dell computer, then beware — hackers could compromise your system remotely. Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers...
Philips In.Sight B120/37 Privilege Gain Vulnerability
The Philips In.Sight B120/37 is a video monitoring device for infants from Philips Netherlands. A privilege acquisition vulnerability exists in the Philips In.Sight B120/37. Sight B120/37 can be exploited to gain access to the local web server and operating system...
PHP SETI@Home Web Monitor Local File Inclusion / Remote File Inclusion
=========================================================================== PHP SETI@home web monitor phpsetimon RFI / LFI Vulnerability =========================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' ...
PT-1999-1526 · Disney · Disney Go Express
Name of the Vulnerable Software and Affected Versions: Disney Go Express affected versions not specified Description: The issue allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. Recommendations: At the moment, there is ...