Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0...

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak

Summary We introduce SDT-CS3B1 LTE router which is a SKT 3G and 4G LTE wireless communication based LTE router product. Description Insecure direct object references occur when an application provides direct access to objects based on user-supplied input. As a result of this vulnerability attacke...

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model: PM-L300S Summary: We introduce SDT-CS3B1 LTE...

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference

Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem model: PM-L300S Summary: We introduce SDT-CS3B1 LTE...

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1...

Cambium Networks cnPilot Direct Object Reference Elevation of Privilege Vulnerability

Cambium Networks cnPilot is a cloud-enabled managed single-band router product from Cambium Networks, USA. A security vulnerability exists in Cambium Networks cnPilot using firmware version 4.3.2-R4 and earlier. An attacker can exploit the vulnerability with the help of a direct object reference ...

CVE-2017-5260

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference DRO at...

Design/Logic Flaw

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to access the configuration file is not available in the normal web administrative console for the 'user' account, the configuration file is accessible via direct object reference DRO at...

CVE-2017-11463

In Ivanti Service Desk formerly LANDESK Management Suite versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target user's username in...

CVE-2017-11463

In Ivanti Service Desk formerly LANDESK Management Suite versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target user's username in...

Design/Logic Flaw

In Ivanti Service Desk formerly LANDESK Management Suite versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target user's username in...

CVE-2017-11463

In Ivanti Service Desk formerly LANDESK Management Suite versions between 2016.3 and 2017.3, an Unrestricted Direct Object Reference leads to referencing/updating objects belonging to other users. In other words, a normal user can send requests to a specific URI with the target user's username in...

CVE-2017-11463

Ivanti Service Desk (LANDESK Management Suite) 2016.3–2017.3 has an Unrestricted Direct Object Reference allowing normal users to reference/update objects belonging to others by sending a URI with a target username, enabling retrieval of keys/tokens to access user profiles, tickets, incidents, et...

RecargaPay: IDOR exposes receipts of all users.

@cablej found an insecure direct object reference IDOR that could expose receipts from external users. Thanks for helping us make RecargaPay more secure!...

ZKTime Web Software 2.0 Insecure Direct Object Reference

Exploit Title: ZKTime Web Software 2.0 - Broken Authentication CVE-ID: CVE-2017-14680 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category: WebApps Author: Arvind V. Author Social: @FindArvind...

CVE-2015-6668

The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object reference...

CVE-2015-6668

The WordPress Job Manager plugin vulnerable versions before 0.7.25 allow remote attackers to read arbitrary CV files via an insecure direct object reference by brute-forcing the WordPress upload directory. Impact: CV file disclosure; attack vector: network, no authentication required. Remediation...

Trend Micro Hosted Email Security (HES) Interception / Insecure Direct Object Reference

Date: 24-Aug-2017 Product: Trend Micro Hosted Email Security HES Versions affected: Hosted Email Security before January 2012. Vulnerability: Two vulnerabilities were discovered. The first allowed any HES user to intercept in-transit emails through the Trend Micro Hosted Email Security cloud...

Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution

!/usr/bin/env python -- coding: utf8 -- Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior ALC WebCTRL, SiteScan Web 6.1 and...

OLX: I found a way to instantly take over ads by other users and change them (IDOR)

A local LetGo webpage was vulnerable to Insecure Data Object Reference issue which could have lead to ad hijack or settings change price, description, location. @kciredor discovered this vulnerability and notified us about this. We would like to thank you for this report. Please do not hesitate t...