57 matches found
PT-2024-22888 · Totolink · Totolink X2000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R versions prior to v1.0.0-B20231213.1013 Description: The issue is related to a Cross-site scripting XSS vulnerability. This vulnerability is located in the Wireless settings under the Easy Setup Page. Recommendations: For...
CVE-2024-29419
There is a Cross-site scripting XSS vulnerability in the Wireless settings under the Easy Setup Page of TOTOLINK X2000R before v1.0.0-B20231213.1013...
CVE-2024-29419
TOTOLINK X2000R is affected by a Cross-site Scripting (XSS) vulnerability in the Wireless settings under the Easy Setup Page. The issue exists in versions prior to v1.0.0-B20231213.1013, with the likely impact being execution of arbitrary script within the device’s web UI. Remediation per PT-2024...
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point software allows a attacker to cause a service failure or execute arbitrary code.
The vulnerability of the /goform/formEasySetupWizard3 component of the D-Link N300 WI-Fi Router DIR-605L wireless access point lies in the ability to write data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions or execute...
CVE-2023-24346
D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wanconnected parameter at /goform/formEasySetupWizard3...
Simplifying the fight against ransomware: An expert explains
Fighting against ransomware can be difficult—especially if your organization has limited IT resources to begin with. But Adam Kujawa, security evangelist and director of Malwarebytes Labs, has a few tips for overburdened IT folks looking to simplify their fight against ransomware. In this post,...
F5 BIG-IQ VE 8.0.0-2923215 Remote Root
F5 BIG-IQ VE v8.0.0-2923215 Post-auth Remote Root RCE CVE-2021-23024 ======= Details ======= It was possible to execute commands with root privileges as an authenticated privileged user via command injection in easy-setup-test-connection. There are two blind command injection bugs in Test DNS...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary purpose of Vulhub is to provide a simple and easy-to-use platform for...
Modular Distributed Fingerprinting Engine: Scannerl
Scannerl is a modular distributed fingerprinting engine implemented by Kudelski Security. Scannerl can fingerprint thousands of targets on a single host, but can just as easily be distributed across multiple hosts. Scannerl is to fingerprinting what zmap is to port scanning. Scannerl works on...
D-Link DIR-615 Denial Of Service
Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit Author: Aniket Dinda Tested on: Linux kali...
D-Link DIR-615 - Denial of Service (PoC)
Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit Author: Aniket Dinda Tested on: Linux kali...
D-Link DIR-615 - Denial of Service (PoC)
D-Link DIR-615 - Denial of Service PoC Exploit Title: D-Link DIR-615 - Denial of Service PoC Date: 2018-08-09 Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit...
CVE-2018-0563
Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecifi...
CVE-2018-0507
Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2018-0507
The CVE-2018-0507 entry maps to an untrusted search path vulnerability in the installer components of FLET'S VIRUS CLEAR Easy Setup & Application Tool (ver.11 and earlier) and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool (ver.11 and earlier). The root cause is insecure loading of Dynamic L...
FFlets Easy Setup Tool Installer Untrusted Search Path Vulnerability
Flets Easy Setup Tool is a Flets easy setup tool from NIPPON TELEGRAPH AND TELEPHONE WEST, Japan.Installer is one of the installation programs. An untrusted search path vulnerability exists in the Installer in Flets Easy Setup Tool 1.2.0 and earlier versions. An attacker can exploit this...
Design/Logic Flaw
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10825
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10825
CVE-2017-10825 affects the Installer of Flets Easy Setup Tool (Ver 1.2.0 and earlier). The underlying issue is an insecure DLL search path (untrusted search path) that allows arbitrary code execution with the privileges of the user invoking the installer when a Trojan horse DLL is present in an u...
CVE-2017-10825
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...