CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

Heap overflow

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVE-2023-21489

CVE-2023-21489 is a heap out-of-bounds write vulnerability in the bootloader of Samsung Mobile devices, prior to SMR May-2023 Release 1, allowing a physical attacker to execute arbitrary code. The issue affects the bootloader function/section used during device startup and is exploitable with phy...

PT-2023-18242 · Unknown · Bootloader

Name of the Vulnerable Software and Affected Versions: Bootloader versions prior to SMR May-2023 Release 1 Description: A heap out-of-bounds write issue allows a physical attacker to execute arbitrary code. Recommendations: For versions prior to SMR May-2023 Release 1, update to SMR May-2023...

CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

SAMSUNG Mobile devices 缓冲区错误漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in SAMSUNG Mobile devices SMR May-2023 Release 1 version, which stemmed from a bootloader program that...

CVE-2023-27826

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem function...

Command injection

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem function...

PT-2023-21365 · Seowon Intech · Seowonintech Swc 5100W Wimax Bootloader

Name of the Vulnerable Software and Affected Versions: SeowonIntech SWC 5100W WIMAX Bootloader version 1.18.19.0, HW version 0.0.7.0, and FW versions 1.11.0.1, 1.9.9.4 Description: The issue allows attackers to take over the system with root privilege by abusing the doSystem function, enabling OS...

Seowon Intech SWC 5100W WIMAX Bootloader 操作系统命令注入漏洞

Seowon Intech SWC 5100W WIMAX Bootloader is a bootloader from Seowon Intech, Korea. A security vulnerability exists in the Seowon Intech SWC 5100W WIMAX Bootloader version 1.18.19.0, HW 0.0.7.0, FW 1.11.0.1, and 1.9.9.4, which stems from susceptibility to operating system command injection attack...

CVE-2023-27826

CVE-2023-27826 affects SeowonIntech SWC 5100W WIMAX Bootloader: vulnerable components are bootloader version 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1 and 1.9.9.4. Root cause is an OS command injection via the doSystem() function, enabling an attacker to take over the system with root privileges. Pu...

CVE-2023-27826

SeowonIntech SWC 5100W WIMAX Bootloader 1.18.19.0, HW 0.0.7.0, and FW 1.11.0.1, 1.9.9.4 are vulnerable to OS Command Injection. which allows attackers to take over the system with root privilege by abusing doSystem function...

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface UEFI bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run at computer...

WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated Remote Code Execution Exploit

Exploit Title: WIMAX SWC-5100W Firmware V1.11.0.1 :1.9.9.4 - Authenticated RCE Vulnerability Name: Ballin' Mada Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: http://www.seowonintech.co.kr/eng/main Version: Bootloader1.18.19.0 , HW 0.0.7.0, FW1.11.0.1 : 1.9.9.4 Tested on: Unix CVE :...

CVE-2022-28497

TOTOLink outdoor CPE CP900 V6.3c.566B20171026 is discovered to contain a command injection vulnerability in the mtdwritebootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

TOTOLINK CP900 命令注入漏洞

The TOTOLINK CP900 is a wireless router from China-based TOTOLINK. A security vulnerability exists in the TOTOLINK CP900 due to a command injection issue in the filename parameter of the mtdwritebootloader function...

[bootloader] A bytecode hash without the bytecode (preimage) can be marked as known, breaking the prover

Lines of code Vulnerability details This is a report of a finding in bootloader.yul. While the file is out of scope of the contest, the sponsor stated that they would still accept findings in the file and would judge them separately from the contest. Impact A bytecode hash for which the bytecode...

bootloader doesn't add tighter gas limit to the IAccount.validateTransaction call

Lines of code Vulnerability details Impact As mentioned in the competition details: Important, while the bootloader is out of scope, we may reward an additional bounty for valid bugs found in it by our judgement! As mentioned in the dev document, , there are some limitations of the verification a...