CB TAU Threat Intelligence Notification: HopLight Campaign (Linked to North Korea) is Reusing Substantial Amount of Code

On April 10, 2019 the US Department of Homeland Security DHS released a Malware Analysis Report MAR-10135536-8 which detailed the trojan HopLight. HopLight has been linked to different North Korean DPRK campaigns also known as the Lazarus Group. The CB Threat Analysis Unit TAU has continued to...

CVE-2018-13295

Information exposure vulnerability in SYNO.Personal.Application.Info in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the version parameter...

Input Validation Vulnerability in Caret

Caret is a software package for plotting classification and regression models. An input validation vulnerability exists in versions of Caret prior to 2019-02-22 that originates from a networked system or product that does not properly validate incoming data. An attacker could exploit the...

CVE-2018-14979

The CVE-2018-14979 entry concerns ASUS ZenFone 3 Max (ASUS_X008_1) with pre-installed com.asus.loguploader. The issue is an exported service, LogUploaderService, accessible via a specific action, that can write a bugreport (kernel log, logcat, system service states including active notifications)...

Rockwell Automation Allen-Bradley 1752-EN2T/C / 1769-L33ER/A LOGIX5333ER XSS

Exploit Title: Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A LOGIX5333ER Cross Site Scripting Google Dork: N/A Date: 5/12/2018 Exploit Author: n4pst3r Vendor Homepage: https://www.rockwellautomation.com/ Software Link: unkn0wn Version: 1752-EN2T/C, 1769-L33ER/A LOGIX5333ER Tested on...

Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A LOGIX5333ER Cross Site Scripting Google Dork: N/A Date: 5/12/2018 Exploit Author: n4pst3r Vendor Homepage: https://www.rockwellautomation.com/ Software Link: unkn0...

Curriculum Evaluation System 1.0 SQL Injection

Exploit Title: Curriculum Evaluation System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/curriculumevaluationsystem0.zip...

Information Disclosure Vulnerability in NSG 9000-6G

The NSG™ 9000-6G high-density general purpose edgeQAM system is a highly integrated digital video solution for multiplexing request-based video content over IP networks. An information disclosure vulnerability exists in the NSG 9000-6G that could be exploited by an attacker to obtain sensitive...

Linux ext4: out-of-bounds memcpy via non-inline system.data xattr(CVE-2018-11412)

ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in the inode which normally contains a list of blocks instead,...

DEBIAN-CVE-2018-11412

In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode...

UBUNTU-CVE-2018-11412

In the Linux kernel 4.13 through 4.16.11, ext4readinlinedata in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode...

CVE-2018-0014

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25...

Inside the CCleaner Backdoor Attack

MADRID—As the investigation continues into the backdoor planted inside CCleaner, two members of parent company Avast’s threat intelligence team said today the desktop and cloud versions of the popular software contained different payloads. The revelation was made during a talk at Virus Bulletin...

CVE-2017-8003

EMC Data Protection Advisor prior to 6.4 contains a path traversal vulnerability. A remote authenticated high privileged user may potentially exploit this vulnerability to access unauthorized information from the underlying OS server by supplying specially crafted strings in input parameters of t...

Adobe Captivate Information Disclosure Vulnerability

Adobe Captivate is a screen recording software. An information disclosure vulnerability exists in Adobe Captivate. An attacker can use this vulnerability to obtain sensitive system information...

Schneider Electric U.motion Builder Information Disclosure Vulnerability

U.motion Builder is a builder product from Schneider Electric France. An information disclosure vulnerability exists in Schneider Electric U.motion Builder. Returns system information to an attacker containing sensitive data. Allowing an attacker to exploit the vulnerability to execute arbitrary...

Eview EV-07S GPS Tracker Information Disclosure Vulnerability

The Eview EV-07S GPS Tracker is a GPS tracking device for personal safety and personal protection. A security vulnerability exists in the Eview EV-07S GPS Tracker. The vulnerability can be exploited by an attacker to obtain sensitive information GPS data, etc...

CVE-2016-7107

Huawei Unified Maintenance Audit UMA before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors...

Code injection

Huawei Unified Maintenance Audit UMA before V200R001C00SPC200 SPH206 allows remote attackers to reset arbitrary user passwords and consequently affect system data integrity via unspecified vectors...

Shopify: Unauthorized access to Zookeeper on http://locutus-zk3.ec2.shopify.com:2181

What is Zookeeper? ==================== Zookeeper is a coordination service for distributed applications. It allows common services such as naming, synchronisation, configuration management and group services to be managed by a simple interface and It uses a data model of File System on an...