EUVD-2025-33913

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

EUVD-2019-5646

Malware in sbrugna...

ABB Cylon Aspect 3.08.02 (tscConfiguration.php) Authenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated reflected...

Vivotek IP Cameras - Remote Stack Overflow (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no...

Vivotek IP Cameras - Remote Stack Overflow (PoC)

STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials needed Firmware Vulnerable: Only 2017 versions...

Vivotek IP Cameras - Remote Stack Overflow (PoC)

Vivotek IP Cameras - Remote Stack Overflow PoC STX Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials...

Vivotek IP Cameras - Remote Stack Overflow

Subject: Vivotek IP Cameras - Remote Stack Overflow Researcher: bashis September-October 2017 PoC: https://github.com/mcw0/PoC Release date: November 13, 2017 Full Disclosure: 43 days Attack Vector: Remote Authentication: Anonymous no credentials needed Firmware Vulnerable: Only 2017 versions...

Lantronix Secure Console Server SCS820/SCS1620 Multiple Local Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14486/info Lantronix Secure Console Server SCS820/SCS1620 devices are susceptible to multiple local vulnerabilities. The first issue is an insecure default permission vulnerability. Attackers may exploit this vulnerabilit...

D-Link DAP-1160 Wireless Access Point - DCC Protocol Security Bypass

source: https://www.securityfocus.com/bid/41187/info The D-Link DAP-1160 wireless access point WAP is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass security restrictions, access certain administrative functions, alter configuration, or trigger a...