Samsung / Dell Printer SNMP Backdoor

The remote host appears to be a Samsung printer, or a Dell printer manufactured by Samsung. It has a hard-coded SNMP read-write community string that allows access even when SNMP has been disabled in the printer management utility. A remote, unauthenticated attacker can exploit this to take contr...

Multiple vulnerabilities in Ezylog photovoltaic management server

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

Schneider Electric Quantum Ethernet Module Hard-Coded Credentials

OVERVIEW --------- Begin Update B Part 1 of 3 -------- This updated advisory is a follow-up to the updated advisory titled ICSA-12-018-01A Schneider Electric Quantum Ethernet Module Hard-Coded Credentials that was published on June 04, 2013, on the ICS-CERT Web site. It is also a follow-up to the...

CVE-2012-4933

The rtrlet web application in the Web Console in Novell ZENworks Asset Management ZAM 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the 1 GetFilePassword and 2 GetConfigInfoPassword operations, which allows remote attackers to obtain sensitive information via a...

CVE-2012-4933

The rtrlet web application in the Web Console in Novell ZENworks Asset Management ZAM 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the 1 GetFilePassword and 2 GetConfigInfoPassword operations, which allows remote attackers to obtain sensitive information via a...

Visual Tools DVR3.0.6.16_ vx series 4.2.19.2 - Multiple Vulnerabilities

Visual Tools DVR3.0.6.16 vx series 4.2.19.2 - Multiple Vulnerabilities Exploit Title: Visual Tools DVR multiple vulnerabilities Date: 2012-10-15 Exploit Author: Andrea Fabrizi Vendor Homepage: http://www.visual-tools.com/ Version: VS Series = 3.0.6.16, VX Series = 4.2.19.2 Tested on: VS Series...

BigPond 3G21WB Multiple Vulnerabilities

Exploit for hardware platform in category web applications Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection...

BigPond 3G21WB - Multiple Vulnerabilities

BigPond 3G21WB - Multiple Vulnerabilities Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPo...

BigPond 3G21WB security vulnerabilities

Hard coded credentials, commands injection...

BigPond 3G21WB - Multiple Vulnerabilities

Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB Discovery date: 17/09/2012 Relea...

SCADA Hacking : Exploit released to Hack Solar Energy Plants

ICS-CERT - Industrial Control Systems Cyber Emergency Response Team has released the Advisory titled ICS-ALERT-12-284-01 - Sinapsi eSolar Light Multiple Vulnerabilities. They Report about report multiple vulnerabilities with proof-of-concept PoC exploit code that affecting the Sinapsi eSolar Ligh...

BigPond 3G21WB Hardcoded Credentials / Command Injection

Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB ============================================================================== ADVISORY INFORMATION Title: Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB Discovery date: 17/09/2012 Relea...

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...

PT-2015-12: Privilege Gaining in Siemens SIMATIC WinCC (TIA Portal)

The specialists of the Positive Research center have detected a Privilege Gaining vulnerability in Siemens SIMATIC WinCC TIA Portal. Vulnerability exists due to a hard coded encryption key in WinCC RT Professional, which allows remote attackers to obtain sensitive information and escalate their...

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server...

Ezylog Photovoltaic Management Server - Multiple Vulnerabilities

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

Ezylog Photovoltaic Management Server Multiple Vulnerabilities

Exploit for php platform in category web applications Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date:...

Ezylog Photovoltaic Management SQL Injection / Command Injection

Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...

HP SAN/iQ Virtual SAN Appliance Multiple Parameters Command Execution Vulnerabilities

HP SAN/iQ Virtual SAN Appliance is prone to multiple command execution vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Sinapsi Devices Vulnerabilities

Overview This advisory is a follow-up to the alert titled ICS-ALERT-12-284-01—Sinapsi eSolar Light Vulnerabilities that was published October 10, 2012. Independent researchers Roberto Paleari and Ivan Speziale identified four vulnerabilities and released proof-of-concept exploit code for the...