14 matches found
EUVD-2015-7218
Malware in sbrugna...
EUVD-2018-9524
Malware in sbrugna...
Bluetooth + Electrical switchgear
The ongoing rapid growth of Industrial IoT (IIoT) across all business sectors continues to bring into focus the discrepancies that exist between the approaches to safety and cyber-security on safety-critical sites. Safety has been culturally ingrained into all aspects of industrial site operations fo...
MapifyLite < 4.0.0 - Authenticated Stored Cross-Site Scripting (XSS)
The plugin does not sanitise the Image URL either in the settings or in a location, allowing editor+ users to use a malicious payload, leading to Stored Cross-Site Scripting issues. Notes WPScanTeam: - The vendor has been notified on March 24th, 2021 - The pro version is very likely to be...
CVE-2020-27268
The CVE-2020-27268 entry concerns a client-side control vulnerability in SOOIL Dana Diabecare RS insulin pump and its AnyDana-i/AnyDana-A mobile apps. The issue allows physically proximate attackers to bypass authentication checks for default PINs via Bluetooth Low Energy, enabling potential una...
CVE-2018-17777
An issue was discovered on D-Link DVA-5592 A1WI20180823 devices. If the PIN of the page "/ui/cbpc/login" is the default Parental Control PIN 0000, it is possible to bypass the login form by editing the path of the cookie "sid" generated by the page. The attacker will have access to the router...
CVE-2018-16550
TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN...
CVE-2015-7287
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message...
Design/Logic Flaw
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message...
CVE-2015-7287
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by leveraging knowledge of this PIN and including it in an SMS message...
CSL DualCom GPRS CS2300-R SPT Arbitrary Command Execution Vulnerability
The CSL DualCom GPRS CS2300-R SPT is an alarm signaling board from CSL DualCom, UK, which provides a communication link between the burglar alarm and the monitoring center, allowing signals to be sent to the monitoring center when the alarm goes off, via the mobile network, ordinary phone lines o...
Belkin Wireless Router - Default WPS PIN Security
Belkin Wireless Router - Default WPS PIN Security source: https://www.securityfocus.com/bid/57128/info Belkin Wireless Router is prone to a security vulnerability that may allow attackers to generate a default WPS PIN. Successfully exploiting this issue may allow attackers to generate the default...
R2 1.65 Stack Overflow / Directory Traversal / Brute Forcing
Luigi Auriemma Application: R2 http://www.rabidhamster.org/R2/ Versions: = 1.65 Platforms: Windows Bugs: A stack overflow B directory traversal C PIN brute forcing Exploitation: remote Date: 09 Feb 2012 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs 3 Th...
Aladdin Knowledge Systems eToken 3.3.3 - eToken PIN Extraction
Aladdin Knowledge Systems eToken 3.3.3 - eToken PIN Extraction source: https://www.securityfocus.com/bid/1170/info Aladdin Knowledge Systems eToken is a USB smartcard-like device used for authentication, file integrity, and encryption. Access to the eToken device itself and entering the PIN numbe...