16 matches found
EUVD-2013-6685
Malware in sbrugna...
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
No description provided by source...
CVE-2013-6881
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...
Design/Logic Flaw
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...
Default credentials
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-6884
CVE-2013-6884 affects the CRU Ditto Forensic FieldStation write-blocker firmware up to 2013Oct15a. The issue is a default credential pair (username: ditto, password: ditto) that enables remote attackers to gain privileges. Public references (NVD entry and related advisories) confirm the vulnerabi...
CVE-2013-6884
The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...
CVE-2013-6881
CVE-2013-6881 affects CRU Ditto Forensic FieldStation before firmware 2013Oct15a. The vulnerability allows remote attackers to execute arbitrary commands by injecting shell metacharacters into the imaging task fields (sector size or skip count). Impact: remote code execution with complete confide...
CVE-2013-6881
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...
CVE-2013-6883
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...
CVE-2013-6883
Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...
CVE-2013-6883
CVE-2013-6883 describes a CSRF vulnerability in the CRU Ditto Forensic FieldStation, affecting firmware before 2013-Oct-15a. The issue allows remote attackers to hijack an administrator’s authentication to perform actions that modify the device’s disk-erase technique settings via unspecified vect...
CVE-2013-6882
Affected product: CRU Ditto Forensic FieldStation (firmware 2013Oct15a and earlier). Vulnerabilities documented: Multiple cross-site scripting (XSS) vulnerabilities via the username parameter during login and via unspecified form fields for authenticated users. In addition, related exploit materi...
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities
Ditto Forensic FieldStation 2013Oct15a - Multiple Vulnerabilities Title: Ditto Forensic FieldStation, multiple vulnerabilities Versions affected: = 2013Oct15a all Vendor: CRU Wiebetech Discovered by: Martin Wundram Email: [email protected] Date found: 2013-04-22 Date published: 2013-12-12...