44 matches found
CVE-2021-28130
Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary, e.g., frwlsvc.exe, bypasses firewall filters...
CVE-2020-23967
Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate...
The vulnerability of the Dr.Web Anti-Rootkit API in software environments arises from the use of a fixed or uncontrolled search path for resources. This allows attackers to execute arbitrary code.
The vulnerability of the Dr.Web Anti-Rootkit API in software environments lies in the use of a fixed or uncontrolled search path for resources. Exploiting this vulnerability allows an attacker to execute arbitrary code...
PT-2024-2718 · Doctor Web · Dr.Web Anti-Rootkit Api
Name of the Vulnerable Software and Affected Versions: Dr.Web Anti-rootkit API (affected versions not specified). Description: The issue is related to the use of a fixed or uncontrolled path for resource search in the Dr.Web Anti-rootkit API module. Exploitation of this issue may allow an attacker t...
CVE-2022-34053
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
Design/Logic Flaw
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
PYSEC-2022-43132
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
CVE-2022-34053
CVE-2022-34053 concerns the DR-Web-Engine package for PyPI, v0.2.0b0, featuring a code execution backdoor via the request package. The root cause is a backdoor enabling an attacker to access sensitive user information and digital currency keys and to escalate privileges. Documented sources (NVD, ...
DR-Web-Engine Security Vulnerability
DR-Web-Engine is built in Python on top of the lxml package and uses JSON as the query structure. A security vulnerability exists in DR-Web-Engine. An attacker could exploit the vulnerability to access sensitive user information and digital currency keys, as well as elevate privileges...
Dr.Web Firewall Code Issue Vulnerability
Dr.Web Firewall is a network firewall from the Russian company Dr.Web. A code issue vulnerability exists in Dr.Web Firewall that originates from Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricting applications signed by Dr.Web. A custom loaded DLL in a legitimate binary, e.g. frwlsvc.exe...
Android Apps in Google Play Harvest Facebook Credentials
A set of nine malicious Android apps that steal Facebook credentials were found on Google Play, which racked up a collective 5.9 million installations before Google removed them. According to Dr. Web’s malware analysts, the applications were fully functional, so that victims remained in the dark...
Android Apps with 5.8 million Installs Caught Stealing Users' Facebook Passwords
Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company's Play Store after the apps were caught furtively stealing users' Facebook login credentials. "The applications were fully functional, which was supposed to weaken the vigilance of potential...
Hackers cloned NordVPN website to drop banking trojan
By Sudais. The malware campaign was discovered by Dr. Web, detailing how hackers have been using the Bolik banking trojan against unsuspecting users. This is a post from HackRead.com. Read the original post: Hackers cloned NordVPN website to drop banking trojan...
Backdoor Built into Android Firmware
In 2017, some Android phones came with a backdoor pre-installed: Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles publishe...
The vulnerability of the dwprot.sys driver in the Dr.Web Enterprise Security Suite antivirus protection software allows a hacker to cause a service failure.
The vulnerability of the dwprot.sys driver in the Dr.Web Enterprise Security Suite antivirus software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using specially crafted IOCTLs...
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite allows a hacker to execute HTML code.
The vulnerability of the “Security Management Center” component of the Dr.Web Enterprise Security Suite exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary HTML code into the user’s browser by placin...
The vulnerability of the Dr.Web Enterprise Security Suite, an anti-virus protection tool, lies in the lack of restrictions on writing, reading, and creating files within the server folder. This allows attackers to execute arbitrary Lua scripts.
The vulnerability of the Dr.Web Enterprise Security Suite antivirus protection lies in the absence of restrictions on writing, reading, and creating files within the server’s directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary Lua scripts without the need for th...