TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials

Exploit for hardware platform in category dos / poc Exploit Title: TH692- Outdoor P2P HD Waterproof IP Camera hardcoded credentials Date: 4/16/2016 Exploit Author: DLY Vendor: TENVIS Technology Co., Ltd Product: TH692- Outdoor P2P HD Waterproof IP Camera Product webpage:...

TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials

TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials Exploit Title: TH692- Outdoor P2P HD Waterproof IP Camera hardcoded credentials Date: 4/16/2016 Exploit Author: DLY Vendor: TENVIS Technology Co., Ltd Product: TH692- Outdoor P2P HD Waterproof IP Camera Product webpage:...

TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials

Exploit Title: TH692- Outdoor P2P HD Waterproof IP Camera hardcoded credentials Date: 4/16/2016 Exploit Author: DLY Vendor: TENVIS Technology Co., Ltd Product: TH692- Outdoor P2P HD Waterproof IP Camera Product webpage: http://www.tenvis.com/th-692-outdoor-p2p-hd-waterproof-ip-camera-p-230.html...

Brickcom Network Cameras XSS / CSRF / Insecure Direct Object Reference

| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the business model of the internet - OK! sm1thw@0rw3lll4bs:/bb echo $?...

Brickcom Corporation Network Cameras - Multiple Vulnerabilities

Brickcom Corporation Network Cameras - Multiple Vulnerabilities | | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the...

Brickcom Corporation Network Cameras - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Adivisory Information ===================== Vendor: Brickcom Corporation CVE-Number:N/A Adivisory-URL: http://www.orwelllabs.com/2016/04/Brickcom-Multiple-Vulnerabilities.html OLSA-ID: OLSA-2015-12-12 Impact: High especially because some ...

Brickcom Corporation Network Cameras - Multiple Vulnerabilities

| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-12 www.orwelllabs.com twt:@orwelllabs sm1thw@0rw3lll4bs:/bb ./Bruce.S + surveillance is the business model of the internet - OK! sm1thw@0rw3lll4bs:/bb echo $?...

Pro-face GP-Pro EX Security Bypass Vulnerability

Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software. The Pro-face GP-Pro EX's FTP server uses hard-coded credentials, allowing remote attackers to exploit the vulnerability to access items in the device and obtain sensitive information...

Pro-face GP-Pro EX Authentication Bypass Vulnerability

Pro-face GP-Pro EX is a set of HMI screen editing and logic programming software from American Pro-face. The Pro-face GP-Pro EX has a security vulnerability due to the use of hard-coded certificates by the FTP server. A remote attacker could exploit the vulnerability to access items in the device...

Patterson Dental Eaglesoft Information Disclosure Vulnerability

Patterson Dental Eaglesoft is a suite of dental records software from Patterson Dental Supply Patterson Dental in the United States. An information disclosure vulnerability exists in Patterson Dental Eaglesoft that arises from the program using the same hard-coded credentials across different use...

Patterson Dental Eaglesoft uses a hard-coded database password across installations

Overview Patterson Dental Eaglesoft is a dental records software. Eaglesoft uses a hard-coded database password that is shared across all installations. Description CWE-798: Use of Hard-coded Credentials- CVE-2016-2343 According to the researcher, Eaglesoft uses hard-coded credentials to access a...

Cisco Prime LAN Management Solution Hardcoding Vulnerability

Cisco Prime LAN Management Solution is a LAN-based network management solution from Cisco. A hard-coded vulnerability exists in Cisco Prime LAN Management Solution, which allows a local attacker to decrypt data in the LMS database using a hard-coded key to compromise an affected device...

GE MultiLink Series Hard-coded Credential Vulnerability

OVERVIEW GE has identified a hard-coded credential vulnerability in GE’s MultiLink series managed switches. GE has produced new firmware versions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following MultiLink products are affected: GE ML8...

Monkey race ray! RSA conference badge scanning application broke vulnerability-vulnerability warning-the black bar safety net

Recently, the BLUE BOX company's security researchers found: RSA 2 0 1 6 The General Assembly on the use of badge scanning APP there is a hard-coded default passwords. This year, RSA 2 0 1 6 The participants will get a unique surprise: the General Assembly, as many manufacturers offer a Samsung...

Netis/Netcore Router Hard-Coded Backdoor

A backdoor in Netis/Netcore routers has been reported. The routers are protected by a single hard-coded password. The exploitation of this backdoor could compromise the network protected by the device...

Sixnet BT Series Hard-coded Credentials Vulnerability

OVERVIEW Independent researcher Neil Smith has identified a hard-coded credential vulnerability in Sixnet’s BT series routers. Sixnet has produced patches and new firmware to mitigate this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are...

QNAP Systems iArtist Lite Hardcoding Vulnerability

QNAP Systems iArtist Lite is a suite of ad editing software for QNAP NAS. QNAP Systems iArtist Lite uses hard-coded FTP accounts and passwords, allowing remote attackers to sniff the network for FTP transfer data...

QNAP Signage Station and iArtist Lite contain multiple vulnerabilities

Overview The QNAP Signage Station prior to version 2.0.1 and the accompanying iArtist Lite application contain multiple vulnerabilities. Description CWE-434: Unrestricted Upload of File with Dangerous Type - CVE-2015-6022An authenticated attacker without administrative permissions may upload a...

D-Link DVG-N5402SP Privilege Acquisition Vulnerability

The D-Link DVG-N5402SP is a wireless router product from AUO D-Link for voice, fax and shared wireless Internet over IP networks. A security vulnerability exists in the D-Link DVG-N5402SP that stems from the program's use of hard-coded certificates. An attacker could exploit the vulnerability to...

AMX Multiple Products Credential Management Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-049-02 AMX Multiple Products Credential Management Vulnerabilities that was published February 18, 2016, on the NCCIC/ICS-CERT web site. --------- Begin Update A Part 1 of 2 -------- ICS-CERT has become aware of...