4177 matches found
echo-ann.jp XSS vulnerability
Open Bug Bounty ID: OBB-585683 Description| Value ---|--- Affected Website:| echo-ann.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
GE GEMNet License server (EchoServer) authentication bypass vulnerability
GE GEMNet License server EchoServer is a set of license servers for GE products from General Electric GE. A security vulnerability exists in the GE GEMNet License server EchoServer that arises from a device using default or hard-coded credentials. A remote attacker could use this vulnerability to...
CVE-2017-15348
Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...
CVE-2017-15348
Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...
Input validation
Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...
CVE-2017-15348
Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...
Linux/x86-64 - Add User (pwned/$pass$) Using echo cmd Shellcode (273 bytes)
; shellcode name adduserpassword ; Author : Christophe G SLAE64-1337 ; Len : 273 bytes ; Language : Nasm ; "name = pwned ; pass = $pass$" ; add user and password with echo cmd ; tested kali linux , kernel 3.12 global start start: jmp short findaddress realstart: pop rdi xor byte rdi + 7 , 0x41 ;...
Input validation vulnerability in multiple Huawei products
Huawei IPS Module provides an administrator mechanism consisting of an administrator, an administrator interface.NGFW Module is a next-generation firewall product in a single-board form factor.NIP6300/6600 series products are the next-generation professional intrusion prevention products launched...
Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices
Remember BlueBorne? A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo. As estimated during the discover...
Amazon Echo and Google Home Devices Vulnerable to BlueBorne Attack
By Waqas In September 2017, the IT security researchers at Armis found eight This is a post from HackRead.com Read the original post: Amazon Echo and Google Home Devices Vulnerable to BlueBorne Attack...
echo-news.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-413843 Description| Value ---|--- Affected Website:| echo-news.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Oracle WebLogic Server Java Deserialization Remote Code Execution
Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage: http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html Affetcted Version...
dailyecho.co.uk XSS vulnerability
Vulnerable URL: http://www.dailyecho.co.uk/search/asdf%22%3E%3Csvg%20onload=alert%22OPENBUGBOUNTY%22%20alt=%22/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 54834 VIP website...
Directory Traversal
github.com/labstack/echo is vulnerable to directory traversal. The library does not properly escape encoded URLs, allowing a malicious user to traverse the filesystem...
Turning an Amazon Echo into an Eavesdropping Device
For once, the real story isn't as bad as it seems. A researcher has figured out how to install malware onto an Echo that causes it to stream audio back to a remote controller, but: The technique requires gaining physical access to the target Echo, and it works only on devices sold before 2017. Bu...
Amazon Echo Can Be Hacked to act as a Surveillance device
By Waqas Taking over an IoT Internet of Things device is nothing new This is a post from HackRead.com Read the original post: Amazon Echo Can Be Hacked to act as a Surveillance device...
Alexa, Are You Spying On Me? Not Really, Maybe, It's Complex!
Do you own an Amazon Echo? So are you also worried about hackers turning out your device into a covert listening device? Just relax, if there's no NSA, no CIA or none of your above-skilled friends after you. Since yesterday there have been several reports on Amazon Echo hack that could allow a...
echo-news.co.uk XSS vulnerability
Vulnerable URL: http://www.echo-news.co.uk/news'-alert'OPENBUGBOUNTY'-'/15094935.BusbossapologisesafterpassportrefusedasageID// Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unkno...
local.sunderlandecho.com XSS vulnerability
Open Bug Bounty ID: OBB-261603 Description| Value ---|--- Affected Website:| local.sunderlandecho.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...