[SECURITY] Fedora 25 Update: picocom-2.2-2.fc25

As its name suggests, picocom is a minimal dumb-terminal emulation program. It is, in principle, very much like minicom, only it's "pico" instead of "mini"! It was designed to serve as a simple, manual, modem configuration, testing, and debugging tool. It has also served quite well as a low-tech...

[SECURITY] Fedora 24 Update: picocom-2.2-2.fc24

As its name suggests, picocom is a minimal dumb-terminal emulation program. It is, in principle, very much like minicom, only it's "pico" instead of "mini"! It was designed to serve as a simple, manual, modem configuration, testing, and debugging tool. It has also served quite well as a low-tech...

CVE-2015-9029

In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory...

Eir D1000 Arbitrary Command Execution Vulnerability

The Eir D1000 is a modem from Eir Ireland. A security vulnerability exists in the Eir D1000 modem that stems from the program failing to properly restrict the TR-064 protocol. A remote attacker can exploit the vulnerability to execute arbitrary commands on TCP port 7547...

CVE-2016-10372

The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password which defaults to the Wi-Fi password, and using the NewNTPServer...

CVE-2016-10372

The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password which defaults to the Wi-Fi password, and using the NewNTPServer...

CVE-2016-10372

CVE-2016-10372 affects the Eir D1000 modem. The root cause is improper restriction of the TR-064 protocol, allowing remote attackers to execute arbitrary commands via TCP port 7547. Reported demonstrations include opening WAN access to port 80, retrieving the login password (which defaults to the...

CVE-2016-4030

Samsung SM-G920F build G920FXXU2COH2 Galaxy S6, SM-N9005 build N9005XXUGBOK6 Galaxy Note 3, GT-I9192 build I9192XXUBNB1 Galaxy S4 mini, GT-I9195 build I9195XXUCOL1 Galaxy S4 mini LTE, and GT-I9505 build I9505XXUHOJ2 Galaxy S4 devices have unintended availability of the modem in USB configuration...

Design/Logic Flaw

Samsung SM-G920F build G920FXXU2COH2 Galaxy S6, SM-N9005 build N9005XXUGBOK6 Galaxy Note 3, GT-I9192 build I9192XXUBNB1 Galaxy S4 mini, GT-I9195 build I9195XXUCOL1 Galaxy S4 mini LTE, and GT-I9505 build I9505XXUHOJ2 Galaxy S4 devices have unintended availability of the modem in USB configuration...

CVE-2016-4030

Technical details for CVE-2016-4030 are not publicly provided in the supplied documents. The Connected documents do not contain product/version/root-cause/impact/remediation for this CVE. Monitor for updates from official advisories and vendor advisories.

CVE-2016-4030

Samsung SM-G920F build G920FXXU2COH2 Galaxy S6, SM-N9005 build N9005XXUGBOK6 Galaxy Note 3, GT-I9192 build I9192XXUBNB1 Galaxy S4 mini, GT-I9195 build I9195XXUCOL1 Galaxy S4 mini LTE, and GT-I9505 build I9505XXUHOJ2 Galaxy S4 devices have unintended availability of the modem in USB configuration...

Huawei HG658 V2 Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications HUAWEI HG658 V2 = Modem Web Interface Reflected XSS Vulnerability My + Discovered by: KnocKout Contact : email protected HomePage : http://cyber-warrior.org Software info |Hardware/Web App : HUAWEI |Affected Version : HG658 V2 |Official...

Huawei HG658 V2 Cross Site Scripting

HUAWEI HG658 V2 = Modem Web Interface Reflected XSS Vulnerability My + Discovered by: KnocKout Contact : [email protected] HomePage : http://cyber-warrior.org Software info |Hardware/Web App : HUAWEI |Affected Version : HG658 V2 |Official Web: http://www.huawei.com INFO the same network with...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary commands

The vulnerability of the initial loader of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a local attacker to execute arbitrary commands on the device’s modem. This issue is considered “high” because it causes continuous service...

Tenda ADSL2/2+ Modem D820R Unauthenticated Remote DNS Change

!/bin/bash Tenda ADSL2/2+ Modem D820R Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

Tenda ADSL2/2+ Modem D840R - Unauthenticated DNS Change

No description provided by source. !/bin/bash Tenda ADSL2/2+ Modem D840R Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible...

Tenda ADSL2/2+ Modem D840R DNS Changer

!/bin/bash Tenda ADSL2/2+ Modem D840R Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

Huawei Flybox B660 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Document Title: =============== Huawei Flybox B660 - POST SMS CSRF Web Vulnerability Product & Service Introduction: =============================== The Huawei B660 has a web interface for configuration. You can use any web browser you li...

Tenda ADSL22+ Modem D840R - DNS Change

Tenda ADSL22+ Modem D840R - DNS Change !/bin/bash Tenda ADSL2/2+ Modem D840R Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is...

CVE-2016-8467

An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service device interoperability: completely permanent or requiring re-flashing the entir...