1303 matches found
Unicorn WB-3300NR Cross Site Request Forgery
Exploit Title: Unicorn Router WB-3300NR CSRF Factory Reset/DNS Change Exploit Author: absane Blog: http://blog.noobroot.com Discovery date: October 29th 2013 Vendor Homepage: http://www.eunicorn.co.kr/kimsboard7/product.php?inc=wb-3300nr Tested on: Unicorn WB-3300NR v1.0 Firmware Version:...
Unicorn Router WB-3300NR - Cross-Site Request Forgery (Factory ResetDNS Change)
Unicorn Router WB-3300NR - Cross-Site Request Forgery Factory ResetDNS Change Exploit Title: Unicorn Router WB-3300NR CSRF Factory Reset/DNS Change Exploit Author: absane Blog: http://blog.noobroot.com Discovery date: October 29th 2013 Vendor Homepage:...
Unicorn Router WB-3300NR - Cross-Site Request Forgery (Factory Reset/DNS Change)
Exploit Title: Unicorn Router WB-3300NR CSRF Factory Reset/DNS Change Exploit Author: absane Blog: http://blog.noobroot.com Discovery date: October 29th 2013 Vendor Homepage: http://www.eunicorn.co.kr/kimsboard7/product.php?inc=wb-3300nr Tested on: Unicorn WB-3300NR v1.0 Firmware Version:...
TRENDnet TE100-P1U Print Server Firmware 4.11 - Authentication Bypass
Exploit Title: TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability Date: 2013/6/20 Exploit Author: Chako Firmware Version: 4.11 Tested on: Windows 7 Description: ===================== A remote authentication bypass vulnerability affects TRENDnet TE100-P1U Print Serve...
TRENDnet TE100-P1U Authentication Bypass Vulnerability
TRENDnet TE100-P1U with print server firmware 4.11 suffers from an authentication bypass vulnerability that allows reset to factory settings or IP address change. Exploit Title: TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability Date: 2013/6/20 Exploit Author: Chako...
TRENDnet TE100-P1U Authentication Bypass
Exploit Title: TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability Date: 2013/6/20 Exploit Author: Chako Firmware Version: 4.11 Tested on: Windows 7 Description: ===================== A remote authentication bypass vulnerability affects TRENDnet TE100-P1U Print Serve...
Fake Lookout android app stealing your SMS and MMS messages
Android's App store is currently facing a new dilemma as its security has been compromised once again. Researchers from security firm TrustGo have recently spotted on Google Play a bogus app that supposedly automatizes the updating of a batch of other apps. The malicious code was hidden within an...
Line of code let the Samsung galaxy do Factory Reset-vulnerability warning-the black bar safety net
SAMSUNG including the GALAXY S3 and other models of the smart phone there is a serious security vulnerability, a line of USSD code can be formatted the phone and even damage the SIM card! The current is determined there is a problem of the phone as follows: Galaxy S3, Galaxy S2, Galaxy Ace, Galax...
New Android Exploit Could Force Factory Reset remotely
Clicking one wrong link can cause malicious code to execute, which could do anything from infecting your computer with malware to, apparently, wiping your phone data completely. At the Ekoparty security conference, researcher Ravi Borganokar demonstrated at the Ekoparty security conference in...
S2 Security Netbox/Linear eMerge Access Control System management component vulnerable to unauthenticated factory reset
Overview The S2 Security Netbox/Linear eMerge Access Control System management console allows an unauthenticated attacker to perform a factory reset of the management system. Description Linear eMerge is an IP-enabled security management and access control system. The product is distributed by...
Nokia S60 SMS/MMS (Curse of Silence) Denial of Service Vulnerability
No description provided by source. Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video =====...
Nokia S60 SMS/MMS (Curse of Silence) Denial of Service Vulnerability
Exploit for hardware platform in category dos / poc ==================================================================== Nokia S60 SMS/MMS Curse of Silence Denial of Service Vulnerability ==================================================================== Vulnerability Advisory...
Nokia S60 SMSMMS (Curse of Silence) - Denial of Service
Nokia S60 SMSMMS Curse of Silence - Denial of Service Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video =====...
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service
Vulnerability Advisory ====================== Remote SMS/MMS Denial of Service - "Curse Of Silence" for Nokia S60 phones URL === https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-advisory.txt Video ===== https://berlin.ccc.de/tobias/cos/s60-curse-of-silence-demo.avi Affected Products...
linksys-bypass.txt
regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...
CVE-2003-1346
CVE-2003-1346 affects D-Link DWL-900AP+ wireless access points (firmware versions 2.2, 2.3 and possibly 2.5). The issue allows remote attackers to restore factory default settings by upgrading the firmware via AirPlus Access Point Manager. The impact is description-based: factory defaults can be ...
[Full-disclosure] Clipcomm CPW-100E VoIP wireless handset phone open debug service TCP/60023
I disclosed the following issue at ShmooCon 2006 http://www.shmoocon.org/ during my "VoIP Wireless Phone Security Analysis" presentation. Thanks, --scm =============================================================== DATE: 16 January, 2006 VENDOR: Clipcomm VENDOR NOTIFIED: 14 December, 2005 PRODUC...
CVE-2002-0672
The CVE-2002-0672 entry concerns Pingtel xpressa SIP phones (versions 1.2.5–1.2.7.4) where the administrator password is null due to a factory reset without authentication via the GUI. The linked advisory and CVE records detail multiple issues affecting PX-1 devices, including local/remote admini...
CVE-2002-0672
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null...
bug found
NetworkEverywhere router Model NR041 latest firmware rev 1.2 Release 03 suffers a "script injection over dhcp" vulnerability. The NR041 does not filter DHCP HOSTNAME options coming from its clients. Because of that, we can inject a web script into the web based administrative interface and wait...