Zavio IP Cameras multiple vulnerabilities

Advisory ID Internal CORE-2013-0302 1. Advisory Information Title: Zavio IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0302 Advisory URL:http://www.coresecurity.com/advisories/zavio-IP-cameras-multiple-vulnerabilities Date published: 2013-05-28 Date of last update: 2013-05-28 Vendors...

TP-Link IP Camera Hardcoded Credentials / Command Injection

Core Security - Corelabs Advisory http://corelabs.coresecurity.com TP-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: TP-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0318 Advisory URL:...

Zavio IP Camera Command Injection / Bypass

Core Security - Corelabs Advisory http://corelabs.coresecurity.com Zavio IP Cameras multiple vulnerabilities 1. Advisory Information Title: Zavio IP Cameras multiple vulnerabilities Advisory ID: CORE-2013-0302 Advisory URL:...

TP-Link IP Cameras Multiple Vulnerabilities

1. Advisory Information Title: TP-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0318 Advisory URL:https://www.coresecurity.com/core-labs/advisories/tp-link-IP-cameras-multiple-vulnerabilities Date published: 2013-05-28 Date of last update: 2013-05-28 Vendors contacted: TP-Link...

Hard-Coded Credentials Found in TURCK ICS Devices

Hard-coded credentials are a longstanding security no-no, but they’re also an ever-present reality because of developers and IT managers who require remote access to networks and systems for troubleshooting purposes. The level of risk in such cases depends on the system in question. But one thing...

CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...

D-Link IP Cameras - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...

D-Link IP Cameras - Multiple Vulnerabilities

D-Link IP Cameras - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...

D-Link IP Cameras Injection / Bypass

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...

Henry Schein Dentrix G5 uses hard-coded database credentials shared across multiple installations

Overview Henry Schein Dentrix G5, a dental practice management software suite, uses hard-coded database access credentials that are shared across multiple installation sites. An attacker who is able to obtain the credentials for one site may be able to gain access to other sites using the same...

Sitecom WLM-3500 backdoor accounts

Sitecom WLM-3500 backdoor accounts ================================== ADVISORY INFORMATION Title: Sitecom WLM-3500 backdoor accounts Discovery date: 24/03/2013 Release date: 16/04/2013 Credits: Roberto Paleari [email protected], @rpaleari Advisory URL:...

Siemens WinCC 7.2 Multiple Vulnerabilities

OVERVIEW This advisory provides mitigation details for vulnerabilities that impact the Siemens WinCC Web Navigator 7.2. Researchers Alexander Tlyapov, Sergey Gordeychik, and Timur Yunusov of Positive Technologies have identified multiple vulnerabilities in the Siemens WinCC Web Navigator 7.2...

CVE-2012-4702

360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session...

PT-2013-43: Hard-coded credentials in Siemens WinCC and SIMATIC PCS 7

The specialists of the Positive Research center have detected a vulnerability in Siemens WinCC and SIMATIC PCS 7 related to hard-coded credentials used in the login system . Attackers with network access and knowledge of the credentials could log into the Web Navigator Web applications as an...

TURCK BL20 and BL67 Programmable Gateway Hard-Coded User Accounts

OVERVIEW Researcher Rubén Santamarta of IOActive has identified hard-coded user accounts in TURCK’s BL20 and BL67 Programmable Gateways. Exploitation of this vulnerability would allow an attacker to have remote administrative access to the device. This vulnerability affects programmable gateways...

Microsoft windows remote desktop PoC C# Exploit

It Case The Dead Blue Screen :D 4 DoS ! //ms12-020 "chinese shit" PoC //Tested On Win7 Ultimate & Win 2008 Server & Win 2003 Serrver R2 //C Coded By Yomi :D using System; using System.Net; using System.Net.Sockets; namespace RDPPoCExploit class Program public static readonly string strshell =...

Samsung / Dell Printer SNMP Backdoor

The remote host appears to be a Samsung printer, or a Dell printer manufactured by Samsung. It has a hard-coded SNMP read-write community string that allows access even when SNMP has been disabled in the printer management utility. A remote, unauthenticated attacker can exploit this to take contr...

ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities

ESA-2012-057.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities EMC Identifier: ESA-2012-057 CVE Identifier: CVE-2012-4614 CVE Identifier: CVE-2012-4615 Severity Rating: CVSS v2 Base Score: See below for individual...

Multiple vulnerabilities in Ezylog photovoltaic management server

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

Schneider Electric Quantum Ethernet Module Hard-Coded Credentials

OVERVIEW --------- Begin Update B Part 1 of 3 -------- This updated advisory is a follow-up to the updated advisory titled ICSA-12-018-01A Schneider Electric Quantum Ethernet Module Hard-Coded Credentials that was published on June 04, 2013, on the ICS-CERT Web site. It is also a follow-up to the...