EUVD-2023-50899

Malicious code in bioql PyPI...

TP-LINK TL-WR841ND 安全漏洞

TP-LINK TL-WR841ND is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link TL-WR841ND V11 version, which originates from the gw parameter of /userRpm/WanDynamicIpV6CfgRpm.htm contains a buffer overflow vulnerability...

PT-2025-7113 · Tp Link · Tp-Link Tl-Wr841Nd

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841ND version V11 Description: A buffer overflow issue was discovered via the gw parameter at "/userRpm/WanDynamicIpV6CfgRpm.htm". This allows attackers to cause a Denial of Service DoS via a crafted packet. Recommendations: For...

CVE-2023-46715

An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send but not receive packets spoofing the IP of another user via crafted network packets...

CVE-2023-46715

An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send but not receive packets spoofing the IP of another user via crafted network packets...

CVE-2023-46715

An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send but not receive packets spoofing the IP of another user via crafted network packets...

Fortinet Fortigate IPsec dynamic assignation IP spoofing (FG-IR-23-407)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-407 advisory. - An origin validation error CWE-346 vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2....

CVE-2022-23094

A vulnerability was found in libreswan. A malformed packet that is being rejected triggers a logging action that causes a NULL pointer dereference issue, leading to a crash of the pluto daemon. Mitigation If all configured connections are using IKEv2, the IKEv1 subsystem can be disabled by adding...

Innovative Proxy Phantom ATO Fraud Ring Haunts eCommerce Accounts

A sophisticated fraud ring, dubbed Proxy Phantom, has pushed the boundaries of credential-stuffing attacks with a dynamic account takeover ATO technique that was flooding eCommerce merchants in the third quarter. Researchers at Sift uncovered the group, which is innovating in the realm of...

Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode

Exploit Title: Linux/x86 - Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode Exploit Author: d7x Tested on: Ubuntu x86 / Linux/x86 - Egghunter Reverse TCP Shell Shellcode Generator with dynamic IP and port Shellcode Author: d7x https://d7x.promiselabs.net/...

Weak password vulnerability in TP-LINK TL-R406

The TP-LINK TL-R406 is a SOHO router that provides dynamic IP, static IP and PPPoE access methods, supporting both ADSL line users and cellular broadband users. A weak password vulnerability exists in the TP-LINK TL-R406, which can be exploited by attackers to obtain sensitive information...

Fedora Update for bird FEDORA-2019-ff0f9ce167

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: bird-2.0.6-1.fc31

BIRD is a dynamic IP routing daemon supporting both, IPv4 and IPv6, Border Gateway Protocol BGPv4, Routing Information Protocol RIPv2, RIPng, Open Shortest Path First protocol OSPFv2, OSPFv3, Babel Routing Protocol Babe l, Bidirectional Forwarding Detection BFD, IPv6 router advertisements, static...

shootback - a reverse TCP tunnel let you access target behind NAT or firewall

shootback is a reverse TCP tunnel let you access target behind NAT or firewall Consumes less than 1% CPU and 8MB memory under 800 concurrency. slaver is single file and only depends on python2.7/3.4+ standard library. How it works Typical Scene 1. Access company/school computerno internet IP from...

Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password

Vulnerability Title: Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Date: 23/03/2016 Product: Zyxel MAX3XX series CPEs Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure v 2.00 and below tested Patch: Unpatched Vendor contact date: 12/12/2015 Authored by:...

No-IP Windows Dynamic Update Client Detection

The No-IP Windows dynamic update client is installed on the remote Windows host. This software is intended to map a dynamic IP address, such as those found on a residential broadband or dialup connection, to a static host name, such as www.example.com. It can also be abused to host unsanctioned...

Outlook Web Access Attack Using Pushdo Botnet

Here are some technical details on the Outlook Web Access phishing scheme. 1. The Spam According to our preliminary research, the spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet – which is based on malware from the Backdoor.Win32.NewRes family. These...

Solve the free space can not FTP upload Trojan issues-vulnerability warning-the black bar safety net

Get the Webshell, and if you want to hang horse, you need to have a support Ftp upload space. For I poor devils, only with free space. And the used free space of the people know for sure that Ftp is not uploading the Trojan, unless it isfree to kill. The spatial spread no Trojan, then do not...

Windows XP SP2 protection bypass

For dialup connection whole network of dynamic IP class is treated as local segment...