[SECURITY] Fedora 38 Update: libell-0.63-1.fc38

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

[SECURITY] Fedora 39 Update: libell-0.63-1.fc39

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

Fedora: Security Advisory (FEDORA-2024-fdce971b84)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the TrustZone subsystem’s networking (netdev) component in Qualcomm embedded operating systems allows a hacker to trigger a service failure.

The vulnerability of the TrustZone subsystem’s Networking netdev component in Linux embedded devices from Qualcomm involves a re-liberation of memory during kernel loading at the HYP level. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

CVE-2023-25188

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP as a BTS administrator removes security hardenings from the Nokia Single RAN BTS baseband unit, the BTS baseband unit diagnostic tool AaShell which is by default disabled allows unauthenticated access from...

Nokia Airscale ASIKA Single RAN 安全漏洞

Nokia Airscale ASIKA Single RAN is an application for end-to-end use by Nokia of Finland. A security vulnerability exists in NOKIA Airscale ASIKA Single RAN prior to version 21B, which stems from the baseband unit diagnostic tool AaShell allowing unauthenticated access to the embedded Linux...

The vulnerability of the do_rename_gpt_parts() function (cmd/gpt.c) in the U-Boot loader for embedded Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the dorenamegptparts function cmd/gpt.c in the U-Boot loader for embedded Linux-based operating systems is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

uClibc 和 uClibc-ng 缓冲区错误漏洞

uClibc-ng is an application. Small C library for Linux. uClibc is a small C standard library for embedded Linux systems. A buffer error vulnerability exists in uClibc version 0.9.33.2 and uClibc-ng version 1.0.40, which stems from a thread misallocation that could lead to memory corruption...

The vulnerability of the /etc/passwd component in the D-Link DSR-500N router’s microprogramming system allows a hacker to gain access to the device’s basic embedded Linux operating system.

The vulnerability of the /etc/passwd component in the D-Link DSR-500N router’s microprogramming system is related to the use of pre-installed user accounts. Exploiting this vulnerability could allow a malicious actor to gain access to the device’s basic embedded Linux operating system...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

CVE-2021-39615

The D-Link DSR-500N is affected by CVE-2021-39615 in version 1.02, where hard-coded credentials for undocumented accounts in /etc/passwd allow an attacker to log in via SSH or Telnet and gain access to the embedded Linux OS. The issue is fixed in firmware version 2.12/2. This vulnerability is not...

CVE-2021-39615

D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...

PT-2021-4449 · D Link · Dsr-500N

Name of the Vulnerable Software and Affected Versions: D-Link DSR-500N version 1.02 D-Link DSR-500N versions prior to 2.12/2 Description: The issue is related to hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker recovers the cleartext password of the...

Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)

Exploit Title: Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF Date: 13.07.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.panasonic.com !-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor:...

Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password

Summary SANYO network camera and network optional board with the latest H.264 compression technology provide the optimum surveillance applications with high quality real time moving image at low bandwidth. Simultaneous stream of H.264 and JPEG data and also COAX video out to provide flexible...

Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery

!-- Panasonic Sanyo CCTV Network Camera 2.03-0x CSRF Disable Authentication / Change Password Vendor: Panasonic Corporation | SANYO Electric Co., Ltd. Product web page: https://www.panasonic.com https://www.sanyo-av.com https://panasonic.net/sanyo/cs/index.html Affected version: Model: VCC-HD5600...

Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery Vulnerability

Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privilege...

Visual Tools DVR VX16 4.2.28.0 Command Injection

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An unauthenticated remote attacker can...