14 matches found
EUVD-2017-2365
Malware in sbrugna...
Medical Certificate Generator App 跨站脚本漏洞
The Medical Certificate Generator App is a simple web application for medical clinics. A cross-site scripting vulnerability exists in SourceCodester Medical Certificate Generator App version 1.0, which stems from incorrect manipulation of a special parameter that results in cross-site scripting...
CVE-2017-10724
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...
CVE-2017-10721
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. This device acts as an Endoscope camera that allows its users to use it in various industrial systems and settings, car...
CVE-2017-10719
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has default Wi-Fi credentials that are exactly the same for every device. This device acts as an Endoscope camera that allows its users to use it in various...
Design/Logic Flaw
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. This device acts as an Endoscope camera that allows its users to use it in various industrial systems and settings, car...
Memory corruption
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...
Memory corruption
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...
CVE-2017-10724
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that an attacker connected to the device Wi-Fi SSID can exploit a memory corruption issue and execute remote code on the device. This device acts as an Endoscope camera that allows...
CVE-2017-10724
CVE-2017-10724 describes a memory corruption/overflow issue in the firmware of the Shekar Endoscope. The vulnerability arises in the UDP handling path: a crafted UDP request to change the Wi‑Fi name is processed by the control_Dev_thread, leading to a call to setwifipassword which uses memcpy wit...
CVE-2017-10723
CVE-2017-10723 affects the Shekar Endoscope firmware where the UDP daemon’s handling of a Wi‑Fi name change request uses a flawed memcpy invocation with the payload length derived from strlen. This leads to a buffer overflow in the function setwifiname , enabling memory corruption and potential r...
CVE-2017-10718
CVE-2017-10718 affects the Shekar Endoscope firmware. A vulnerability lets any malicious user connecting to the device change the default SSID and password, denying the owner access. This can enable an attacker to access the video feed and images; it also could facilitate footholds in air‑gapped ...
CVE-2017-10719
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has default Wi-Fi credentials that are exactly the same for every device. This device acts as an Endoscope camera that allows its users to use it in various...
CVE-2017-10721
Recently it was discovered as a part of the research on IoT devices in the most recent firmware for Shekar Endoscope that the device has Telnet functionality enabled by default. This device acts as an Endoscope camera that allows its users to use it in various industrial systems and settings, car...