186 matches found
CVE-2022-3913 Rapid7 Nexpose Certificate Validation Issue
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the...
CVE-2022-3913 Rapid7 Nexpose Certificate Validation Issue
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the...
CVE-2022-3913
CVE-2022-3913 affects Rapid7 Nexpose and InsightVM, versions 6.6.82–6.6.177, due to failure to validate the update server’s TLS certificate when downloading updates. This could allow a network‑adjacent attacker with some access along the path to supply their own HTTPS endpoint or intercept traffi...
PT-2023-13700 · Rapid7 · Insightvm +1
Name of the Vulnerable Software and Affected Versions: Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 Description: The issue arises from the failure to validate the certificate of the update server when downloading updates. This could allow an attacker in a privileged position on th...
H3C Magic R100 安全漏洞
H3C Magic R100 is a router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic R100, which stems from the updserver service opening an official backdoor on port 9034, allowing an attacker to execute arbitrary commands...
Malicious code in exodus-update-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0714bdabac6b7d72b58235090952a26bb3d9dde3b2d5ebe92d45980293df431c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2918 Malicious code in exodus-update-server (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0714bdabac6b7d72b58235090952a26bb3d9dde3b2d5ebe92d45980293df431c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AutoUpdater module fails to validate certain nested components of the bundle
Impact This vulnerability allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. Please note that this kind of attack would require...
CVE-2022-29257 Electron's AutoUpdater module fails to validate certain nested components of the bundle
Electron is a framework for writing cross-platform desktop applications using JavaScript JS, HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafte...
CVE-2022-29257
Summary: CVE-2022-29257 affects Electron up to version 18.0.0-beta.6 (and older 17.2.0, 16.2.6, 15.5.5). If an attacker controls a victim app’s update server/storage, they can serve update packages that pass code signing validation but run malicious code in some components. The vulnerability aris...
CVE-2022-29257 Electron's AutoUpdater module fails to validate certain nested components of the bundle
Electron is a framework for writing cross-platform desktop applications using JavaScript JS, HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafte...
Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild
Cybersecurity researchers are warning of two different information-stealing malware, named FFDroider and Lightning Stealer, that are capable of siphoning data and launching further attacks. "Designed to send stolen credentials and cookies to a Command & Control server, FFDroider disguises itself ...
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
Input validation
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
CVE-2022-0677
CVE-2022-0677 is an instance of an improper handling of length parameter inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay) and GravityZone (in Update Server). The issue allows a remote attacker to cause a Denial-of-Service. Affected produ...
CVE-2022-0677
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools in relay role, GravityZone in Update Server role allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to...
CVE-2021-20156
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if i...
Improper access control
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access control configuration that could allow for a malicious firmware update. It is possible to manually install firmware that may be malicious in nature as there does not appear to be any signature validation done to determine if i...
CVE-2021-20156
The CVE-2021-20156 entry concerns Trendnet AC2600 TEW-827DRU (firmware version 2.08B01) with improper access control that could let an attacker install malicious firmware. The vulnerability arises from lack of signature validation for firmware updates, including those delivered via the admin inte...