Linux/ARM - chmod( /etc/passwd 0777) Shellcode (39 bytes)

Linux/ARM - chmod /etc/passwd 0777 Shellcode 39 bytes. Shellcode exploit for ARM platform / Title : Linux/ARM - chmod"/etc/passwd", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and 0x0...

Linux/ARM - execve("/bin/sh", [], [0 vars]) Shellcode (35 bytes)

Linux/ARM - execve"/bin/sh", , 0 vars Shellcode 35 bytes. Shellcode exploit for ARM platform / Title : Linux/ARM - execve"/bin/sh", , 0 vars - 35 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and...

Linux/ARM - creat("/root/pwned", 0777) Shellcode (39 bytes)

Linux/ARM - creat"/root/pwned", 0777 Shellcode 39 bytes. Shellcode exploit for ARM platform / Title : Linux/ARM - creat"/root/pwned", 0777 - 39 bytes Date : 2013-09-04 Author : gunslinger yuda at cr0security dot com Tested on : ARM1176 rev6 v6l An ARM Hardcoded Shellcode without 0x20, 0x0a, and...

Hardcoded credentials

The captive portal application in Cisco Identity Services Engine ISE allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515...

Instagram Crypto Issue / Hardcoded Key

Affected app: Instagram for Android Affected versions: 4.0.2 and 4.1.2, probably also earlier versions as well as iOS affected. Summary After the Instagram iOS vulnerability discovered last year 1, the app's HTTP API has been extended with a cryptographic authentication for changes like "likes" a...

Sitecom wireless routers multiple security vulnerabilities

Undocumented hardcoded accounts, undocumented telnet access, weak WPA and administrator accounts generation...

Cisco Unified Communications Manager multiple security vulnerabilities

Hardcoded encryption key, code execution, privilege escation, SQL injection...

CVE-2013-4876

The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt...

Hardcoded credentials

The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt...

CVE-2013-4876

The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt...

CVE-2013-4876

The CVE-2013-4876 entry applies to the Verizon Wireless Network Extender SCS-2U01, where a hardcoded password for the root account enables physically proximate attackers to obtain administrative access via the device login prompt. The description documents the root cause (hardcoded root credentia...

Hardcoded credentials

Cisco Unified Communications Manager CUCM 7.1x through 9.12 and the IM & Presence Service in Cisco Unified Presence Server through 9.12 use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat...

Hardcoded credentials

A certain Red Hat patch to the dofilpopen function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux RHEL 6 does not properly handle failure to obtain write permissions, which allows local users to cause a denial of service system crash by leveraging acces...

Multiple IP-cameras backdoor accounts

Hardcoded accounts...

Hardcoded credentials

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request...

CVE-2013-3958

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request...

CVE-2013-0142

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...

Hardcoded credentials

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...

CVE-2013-0142

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...

CVE-2013-0142

CVE-2013-0142 affects QNAP VioStor NVR devices (firmware 4.0.3 and possibly earlier) and the Surveillance Station Pro component in QNAP NAS. The root cause is a hardcoded guest account that can be leveraged to obtain web-server login access, enabling remote attackers to access administrative func...