24 matches found
EUVD-2025-30276
Malicious code in bioql PyPI...
EUVD-2023-32363
Malicious code in bioql PyPI...
CVE-2022-4980
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...
CVE-2022-4980
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...
CVE-2022-4980
General Bytes CAS suffered an authentication bypass in the admin web interface affecting versions 20201208–20220531.38 (backport) and 20220725.22 (mainline). An unauthenticated attacker could hit the default/install/first-admin page to create a new admin account, gain privileges, and redirect fun...
CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...
CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...
PT-2025-38603
Name of the Vulnerable Software and Affected Versions General Bytes Crypto Application Server CAS versions 20201208 through 20220531.38 General Bytes Crypto Application Server CAS version 20220725.22 Description General Bytes Crypto Application Server CAS contains an authentication bypass in the...
General Bytes Crypto Application Server 安全漏洞
General Bytes Crypto Application Server is General Bytes' provides powerful and simple browser-based administration. A security vulnerability exists in General Bytes Crypto Application Server versions 20201208 through prior to 20220531.38 and prior to 20220725.22, which stems from an authenticati...
CVE-2023-28725
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...
CVE-2023-28725
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...
CVE-2023-28725
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...
Code injection
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...
Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft
By Habiba Rashid The company has disclosed the wallet addresses and three IP addresses used by the attacker in the hack. This is a post from HackRead.com Read the original post: Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft...
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload...
Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw
Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload...
PT-2023-21922 · General Bytes · General Bytes Crypto Application Server
Name of the Vulnerable Software and Affected Versions: General Bytes Crypto Application Server CAS versions prior to 20221118.48 General Bytes Crypto Application Server CAS versions prior to 20230120.44 Description: The issue allows remote attackers to execute arbitrary Java code by uploading a...
CVE-2023-28725
CVE-2023-28725 affects General Bytes Crypto Application Server (CAS) versions 20230120 (distributed with BATM devices). The vulnerability allows an unauthenticated remote attacker to execute arbitrary Java code by uploading a Java app to the "/batm/app/admin/standalone/deployments" directory, due...
VulnCheck KEV: CVE-2023-28725
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in...
CVE-2023-28725
General Bytes Crypto Application Server CAS 20230120, as distributed with General Bytes BATM devices, allows remote attackers to execute arbitrary Java code by uploading a Java application to the /batm/app/admin/standalone/deployments directory, aka BATM-4780, as exploited in the wild in March...