19 matches found
CVE-2025-58743
CVE-2025-58743 affects Milner ImageDirector Capture on Windows. The root cause is use of a broken/des outdated DES algorithm in the Password class within C2SConnections.dll, enabling encryption brute-forcing to obtain database credentials. Affected versions are ImageDirector Capture 7.0.9.0 up to...
PT-2026-3669
Name of the Vulnerable Software and Affected Versions Milner ImageDirector Capture versions 7.0.9.0 through 7.6.3.25808 Description A flaw exists in Milner ImageDirector Capture on Windows due to the use of hard-coded application encryption keys within the C2SGlobalSettings.dll component. This...
C2S DVR Management Password Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'C2S DVR Management Password Disclosure', 'Description' = %q C2S DVR allows an unauthenticated user to disclose the username & password by...
SUSE CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain IPs based on search criteria Automatically exclude honeypots from the results based on your pre-configured thresholds Pre-configure all IP searches to filte...
Security update for prosody (important)
openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0728-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Leap 15.2 An update that fixes four vulnerabilities is now...
Ghimob: a Tétrade threat actor moves to infect mobile devices
Guildma, a threat actor that is part of the Tétrade family of banking trojans, has been working on bringing in new techniques, creating new malware and targeting new victims. Recently, their new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting...
C2S DVR Management Password Disclosure
C2S DVR allows an unauthenticated user to disclose the username & password by requesting the javascript page 'read.cgi?page=2'. This may also work on some cameras including IRDOME-II-C2S, IRBOX-II-C2S. This module requires Metasploit: https://metasploit.com/download Current source:...
Code injection
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
DEBIAN-CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
UBUNTU-CVE-2017-18265
Prosody before 0.10.0 allows remote attackers to cause a denial of service application crash, related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in,...
BASHLITE Family Of Malware Infects 1 Million IoT Devices
More than one million consumer web-connected video cameras and DVRs are compromised by bot herders who use the devices for DDoS attacks, researchers say. According to Level 3 Threat Research Labs, a small malware family that goes by the names Lizkebab, BASHLITE, Torlus and Gafgyt is behind a web ...
C2S DVR Management Credentials Disclosure and Authentication Bypass Vulnerabilities
C2S DVR Management application is prone to credentials disclosure and authentication bypass vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
C2S DVR Management IRDOME-II-C2S IRBOX-II-C2S DVR - Credentials Disclosure Authentication Bypass
C2S DVR Management IRDOME-II-C2S IRBOX-II-C2S DVR - Credentials Disclosure Authentication Bypass 1. Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely...
C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S, DVR - Credentials Disclosure / Authentication Bypas
Exploit for cgi platform in category web applications 1. Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely Exploitable : Yes Tested on Camera types :...
C2S DVR Management IRDOME-II-C2S / IRBOX-II-C2S / DVR - Credentials Disclosure / Authentication Bypass
Advisory Information ======================================== Title : C2S DVR Management Remote Credentials Disclosure & Authentication Bypass Vendor Homepage : http://www.cash2s.com/en/ Remotely Exploitable : Yes Tested on Camera types : IRDOME-II-C2S, IRBOX-II-C2S, DVR Vulnerabilities :...
ejabberd XMPP/Jabber server DoS
Array overflows on large number of simulationeus c2s messages...
CVE-2010-0305
ejabberdc2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service daemon crash via a large number of c2s aka client2server messages that trigger a queue overload...
CVE-2010-0305
ejabberdc2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service daemon crash via a large number of c2s aka client2server messages that trigger a queue overload...