22 matches found
EUVD-2020-7186
Malware in sbrugna...
EUVD-2002-0392
Malware in sbrugna...
Security Advisory - Two JSON Injection Vulnerabilities in Some Huawei Servers
The iBMC Intelligent Baseboard Management Controller of some Huawei servers has two JSON injection vulnerabilities due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of the administrator. Successful exploit may allow attackers t...
D-Link DIR-868L 1.12 Cross Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications ======================================================================= title: Cross Site Request Forgery product: DIR-868L vulnerable version: 1.12 fixed version: 1.20B01 impact: Medium homepage: http://www.dlink.com/ found: 2018-02-18 b...
D-Link DIR-645 unauthorized access
It's possible to obtain the administration password without authentication, cross-site scripting, buffer overflow...
Colombian ISP - ETB Modem Issue
I've recently discovered a security hole on the modems which double as routers used by a Colombian ISP - ETB. It so happens that all incoming connections to an IP address on said ISP on port 23 or port 80 land on the modem instead of the computers connected to it. Even if one tries to redirect...
TxtBlog 1.0 Alpha - Remote Command Execution
#!/usr/bin/perl ----------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------- App = TxtBlog v 1.0 Alpha Downl = http://downloads.sourceforge.net/txtblogcms/txtblogcms-1.0a.zip Remote Command...
Design/Logic Flaw
Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors...
CVE-2008-5422
Sun Sun Ray Server Software 3.1 through 4.0 does not properly restrict access, which allows remote attackers to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vectors...
DD-WRT v24-sp1 (XSRF) Cross Site Reference Forgery Exploit
No description provided by source. Remote root dd-wrt -------------------------------------------------------------------------------- Written by Michael Brooks Special thanks to str0ke Exploits tested on the newest stable version: Firmware: DD-WRT v24-sp1 07/27/08 micro Product Homepage:...
Cisco Secure ACS for Windows information leak
Administration password and encryption key are insecurely stored in HKEY_LOCAL_MACHINE registry key...
Linksys WET11 - Password Update Remote Authentication Bypass
Linksys WET11 - Password Update Remote Authentication Bypass source: https://www.securityfocus.com/bid/13051/info A remote authentication bypass vulnerability affects Linksys WET11. This issue is due to a failure of the application to validate authentication credentials when processing password...
Multiple Gigafast EE400-R router vulnerabilities
DoS, configuration access including administration password in cleartext...
CVE-2002-0395
CVE-2002-0395 affects the Red-M 1050 Bluetooth Access Point: its TFTP server cannot be disabled, enabling an attacker to crack the administration password via UDP-based attacks. The vulnerability comes from the TFTP server being always active, which, combined with weak admin-password...
CVE-2002-0395
The TFTP server for Red-M 1050 Bluetooth Access Point can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods...
Backdoor in X-Micro WLAN 11b Broadband Router
Backdoor in the X-Micro WLAN 11b Broadband Router FCC ID: RAFXWL-11BRRG Firmware Version: 1.2.2, 1.2.2.3 probably others too Remote: yes, easily exploitable Type: administration password, which always works The following username and password works in every case, even if you set another password ...
XMicro.backdoor.txt
Backdoor in the X-Micro WLAN 11b Broadband Router FCC ID: RAFXWL-11BRRG Firmware Version: 1.2.2, 1.2.2.3 probably others too Remote: yes, easily exploitable Type: administration password, which always works The following username and password works in every case, even if you set another password ...
CVE-2002-0393
Affected product: Red-M 1050 Bluetooth Access Point (management web interface). Vulnerable component: the management web server where a buffer overflow can be triggered by a long administration password, leading to remote DoS and potentially arbitrary code execution. Exploitation details are not ...
Hole in PostACI
The administration password is stored in a file accessible to users...