33 matches found
EUVD-2020-2586
Malware in sbrugna...
EUVD-2018-17486
Malware in sbrugna...
EUVD-2017-8826
Malware in sbrugna...
Silent failure in user reward transfer in Treasury.withdrawToAccount() can lead to loss of rewards
Lines of code Vulnerability details Impact The withdrawToAccount function of the Treasury contract is designed to send ETH rewards and OLAS top-ups to a specified account. However, there is a potential issue where a user's reward transfer could silently fail. This occurs when the...
In tokenomics,sol, anyone can become admin and can at the same time alter the values of all input paramaters of the initializeTokenomics() function.
Lines of code Vulnerability details Impact This bug report is about a lack of access control checks on initializeTokenomics functions used to configure the protocol during the deployment. An attacker could exploit this vulnerability by front-running the deployment process and call...
pezdispenserpriceguide.com Cross Site Scripting vulnerability OBB-2819125
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the microprogramming software used in Diebold-Nixdorf RM3/CRS cash dispensers allows a perpetrator to install an outdated or modified version of the microprogramming software in order to bypass encryption and dispense cash.
The vulnerability of the microprogramming software of Diebold-Nixdorf RM3/CRS dispensers relates to the possibility of bypassing security mechanisms. Exploiting this vulnerability could allow an intruder to install a outdated or modified version of the microprogramming software, thereby...
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled...
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled...
Default credentials
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled...
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled...
CVE-2021-37555
The CVE-2021-37555 entry describes TX9 Automatic Food Dispenser v3.2.57 with a root-access vulnerability via telnet on port 23 using the default root password 059AnkJ, enabling shell access and filesystem download through BusyBox tools (e.g., tar, nc). Related material (CVE-2019-16734) indicates ...
TX9 Automatic Food Dispenser 授权问题漏洞
TX9 Automatic Food Dispenser is an automatic food dispenser from trixie. An authorization issue vulnerability exists in TX9 Automatic Food Dispenser version 3.2.57, which stems from the use of the telnet service on port 23 with a default password of 059AnkJ for the root account...
CVE-2020-10123
The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating...
CVE-2020-10123
The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating...
CVE-2020-10123
Affected product: NCR SelfServ ATMs running APTRA XFS 05.01.00 or older. Vulnerable component: currency dispenser session key generation authentication. Root cause: inadequate authentication for session key generation requests from the host computer, enabling a physical-access attacker to generat...
NCR SelfServ ATM dispenser software contains multiple vulnerabilities
Overview NCR SelfServ automated teller machines ATMs running APTRA XFS 05.01.00 or older are vulnerable to physical attacks on the communications bus between the currency dispenser component and the host computer. Description NCR SelfServ ATMs running APTRA XFS 05.01.00 or older contain...
The vulnerability of the microprogram code of the NCR S1 dispenser controller, related to deficiencies in the memory writing mechanism’s protection, allows a intruder to execute arbitrary code or lower the version of the device’s firmware.
The vulnerability of the microprogram code of the NCR S1 dispenser controller is related to insufficient protection of the memory writing mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code or downgrade the device’s firmware to a outdated version with known...
The vulnerability of the NCR S1 dispenser controller’s microprogramming software lies in the lack of protection for the memory writing mechanism. This allows a intruder to execute arbitrary code or lower the version of the device’s firmware.
The vulnerability of the microprogram code of the NCR S1 dispenser controller is related to insufficient protection of the memory writing mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code or downgrade the device’s firmware to a outdated version with known...
KoffeyMaker: notebook vs. ATM
Despite CCTV and the risk of being caught by security staff, attacks on ATMs using a direct connection — so-called black box attacks — are still popular with cybercriminals. The main reason is the low "entry requirements" for would-be cyber-robbers: specialized sites offer both the necessary tool...