EUVD-2018-17328

Malware in sbrugna...

SharPyShell

SharPyShell SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C web applications that runs on .NET Framework = 2.0VB is not supported atm. Usage python3 SharPyShell.py genera...

North Korean state-sponsored threat actor Lazarus Group exploiting Chrome Zero-day vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here For more than a month before a fix was available, North Korean state hackers known as Lazarus group exploited a zero-day, remote code execution vulnerability CVE-2022-0609 in Google Chromes web browser. The attack mainly targe...

ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in spiral-project/ihatemoney

Description Secure flag is not implemented on the application Proof of Concept https://drive.google.com/file/d/10p4ejCFsLA6LO32nPNTRKqZjlqVHVpUf/view?usp=sharing Impact The secure flag is an option that can be set by the application server when sending a new cookie to the user within an HTTP...

Input validation

nLight ECLYPSE nECY system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability. The nECY does not force a change to the key upon the initial configuration of an affected device. nECY system controllers utilize an encrypted channel to secure SensorViewTM...

CVE-2021-40825

nLight ECLYPSE nECY system Controllers running software prior to 1.17.21245.754 contain a default key vulnerability. The nECY does not force a change to the key upon the initial configuration of an affected device. nECY system controllers utilize an encrypted channel to secure SensorViewTM...

A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide

Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer P2P botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers t...

A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide

Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer P2P botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog ," the modular, multi-threaded and file-less botnet has breached more than 500 servers ...

CVE-2019-18248

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. An attacker can disclose the product’s client credentials for connecting to the BIOTRONIK Remote Communication infrastructure...

CVE-2020-4092

"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server. This can potentially expos...

Cisco IOS XE Software HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client)

According to its self-reported version, IOS XE Software is affected by a vulnerability in the HTTP client feature that allows an unauthenticated, remote attacker to read and modify data that should normally be sent via an encrypted channel. This vulnerability is due to TCP port information not...

Cisco IOS HTTP Client Information Disclosure Vulnerability (cisco-sa-20190925-http-client)

According to its self-reported version, IOS is affected by a vulnerability in the HTTP client feature that allows an unauthenticated, remote attacker to read and modify data that should normally be sent via an encrypted channel. This vulnerability is due to TCP port information not being consider...

CVE-2019-12665

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

Design/Logic Flaw

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2019-12665 Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2019-12665 Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability

A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new...

CVE-2018-5482

NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel...

CVE-2018-5559

In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect...

CVE-2018-4849

A vulnerability has been identified in Siveillance VMS Video for Android All versions V12.1a 2018 R1, Siveillance VMS Video for iOS All versions V12.1a 2018 R1. Improper certificate validation could allow an attacker in a privileged network position to read data from and write data to the encrypt...