BeyondTrust Remote Support 6.0 Cross Site Scripting Vulnerability

BeyondTrust Remote Support versions 6.0 and below suffer from a cross site scripting vulnerability. Exploit Title: BeyondTrust Remote Support - Reflected Cross-Site Scripting XSS Unauthenticated Google Dork: intext:"BeyondTrust" "Redistribution Prohibited" Date: 30/12/2021 Exploit Author: Malcrov...

CVE-2020-7880

The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX...

Design/Logic Flaw

The vulnerabilty was discovered in ActiveX module related to NeoRS remote support program. This issue allows an remote attacker to download and execute remote file. It is because of improper parameter validation of StartNeoRS function in ActiveX...

NeoRS RS10 输入验证错误漏洞

Douzone Bizon NeoRs is a remote support service from Douzone Bizon in Korea. Remote Pc can be accessed and controlled anytime, anywhere through the remote support site. A security vulnerability exists in NeoRS RS10 version, which stems from improper validation of the parameters of the StartNeoRS...

Design/Logic Flaw

Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC PowerScale OneFS supported version 9.0.0 contain an access issue with the remotesupport user account. A remote malicious user with low privileges may gain access to data stored on the /ifs directory through most protocols...

CVE-2020-7861

AnySupport Remote support solution before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file execution...

Design/Logic Flaw

AnySupport Remote support solution before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file execution...

CVE-2020-7861

CVE-2020-7861 affects AnySupport (Remote support solution). A directory traversal vulnerability arises before 2019.3.21.0 due to the use of swprintf to copy files from a management PC to a client PC, which can lead to arbitrary file execution. The Red Hat and NVD/NVD-derived records corroborate t...

Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack

Tyler Technologies, a Texas-based company that bills itself as the largest provider of software and technology services to the United States public sector, is battling a network intrusion that has disrupted its operations. The company declined to discuss the exact cause of the disruption, but the...

TeamViewer Flaw in Windows App Allows Password-Cracking

Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords. TeamViewer is a proprietary software application...

Dell EMC Isilon OneFS Security Feature Issue Vulnerability

Dell EMC Isilon OneFS is a horizontally scalable storage system for unstructured data from Dell USA. A security vulnerability exists in Dell EMC Isilon OneFS 8.2.2 and earlier versions. The vulnerability can be exploited by an attacker to compromise an affected system with the help of the...

Dameware Remote Support 12.1.1.273 - Buffer Overflow (SEH)

Exploit Title: Dameware Remote Support 12.1.1.273 - Buffer Overflow SEH Exploit Author: gurbanli Date: 2020-05-13 Vulnerable Software: Solarwinds Dameware Remote Support 12.1.1.273 Vendor Homepage: https://www.solarwinds.com/ Version: 12.1.1.273 Software Link:...

Dameware Remote Support 12.1.1.273 - Buffer Overflow (SEH) Exploit

Exploit Title: Dameware Remote Support 12.1.1.273 - Buffer Overflow SEH Exploit Author: gurbanli Vulnerable Software: Solarwinds Dameware Remote Support 12.1.1.273 Vendor Homepage: https://www.solarwinds.com/ Version: 12.1.1.273 Software Link:...

SAP Solution Manager Authorization Issues Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

LiteManager 4.5.0 Insecure File Permissions

Exploit Title: LiteManager 4.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-21 Vendor Homepage : LiteManager Team Software Link: http://html.tucows.com/preview/1594042/LiteManager-Free?q=remote+support Tested on OS: Windows 7 Proof of Concept PoC:...

Cisco TelePresence Collaboration Endpoint Software Elevation of Privilege Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. A security vulnerability exists in Cisco TelePresence Collaboration Endpoint CE versions prior to 9.8.0 due to insufficient input validation. An attacker can use this vulnerability to authenticate to a remote support user identity and send...

Cisco TelePresence Collaboration Endpoint Software Elevation of Privilege Vulnerability (CNVD-2019-37411)

Cisco TelePresence is a Cisco TelePresence solution. A security vulnerability exists in Cisco TelePresence Collaboration Endpoint CE versions prior to 9.8.1 due to insufficient input validation. An attacker can exploit the vulnerability to be able to execute commands with root privileges by...

CVE-2019-15277

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, local attacker to execute code with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating as the...

CVE-2019-15273

Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, local attacker to overwrite arbitrary files. The vulnerabilities are due to insufficient permission enforcement. An attacker could exploit these vulnerabilities by...

Design/Logic Flaw

Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboration Endpoint CE Software could allow an authenticated, local attacker to overwrite arbitrary files. The vulnerabilities are due to insufficient permission enforcement. An attacker could exploit these vulnerabilities by...