PT-2021-7658 · Npm · Systeminformation
Name of the Vulnerable Software and Affected Versions: systeminformation versions prior to 5.3.1. Description: The System Information Library for Node.JS is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1,...
Cybercriminals' Favorite Bulletproof VPN Service Shuts Down In Global Action
Law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre EC3, announced today the coordinated takedown of Safe-Inet, a popular virtual private network VPN service that was used to facilitate criminal activity. The three domai...
GHSA-M57P-P67H-MQ74 Command Injection Vulnerability in systeminformation
Impact: command injection vulnerability. Patches: Problem was fixed with a shell string sanitation fix. Please upgrade to version = 4.31.1. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameter strings that are passed to si.inetLatency. For more information: If you have any...
inet-sochi.ru Cross Site Scripting vulnerability OBB-1466650
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2020-17497
eapol.c in iNet wireless daemon IWD through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4...
Code injection
eapol.c in iNet wireless daemon IWD through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4...
CVE-2020-17497
CVE-2020-17497 affects the iNet wireless daemon (IWD) up to version 1.8. The vulnerability resides in eapol.c and allows an adjacent attacker to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4, potentially compromising the WPA3/RSN key handling. NVD reports a base score of 8.1 (HIGH) ...
NetBackup 7.0 - (NetBackup INET Daemon) Unquoted Service Path Vulnerability
Exploit Title: NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path Discovery by: Alan Mondragon "El Masas" Vendor Homepage: https://www.veritas.com/ Software Link: https://www.veritas.com/ Veritas Tested Version: 7.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows...
NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path
Exploit Title: NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path Discovery by: Alan Mondragon "El Masas" Discovery Date: 2020-03-17 Vendor Homepage: https://www.veritas.com/ Software Link: https://www.veritas.com/ Veritas Tested Version: 7.0 Vulnerability Type: Unquoted Service Pat...
OpenSMTPD 6.6.1 Local Privilege Escalation
Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...
Information Disclosure
Supervisor is vulnerable to unauthorized restart and information disclosure. It is possible because the inet HTTP server, which is not enabled by default, does not use authentication by default, allowing an unauthenticated user to access log files or restart a service if the inet HTTP server is...
PYSEC-2019-126
DISPUTED In Supervisor through 4.0.2, an unauthenticated user can read log files or restart a service. Note: The maintainer responded that the affected component, inethttpserver, is not enabled by default but if the user enables it and does not set a password, Supervisor logs a warning message. T...
PhoneSploit v1.2 - Using Open Adb Ports We Can Exploit An Android Device
Using open Adb ports we can exploit an Android device. You can find open ports here https://www.shodan.io/search?query=android+debug+bridge+product%3A”Android+Debug+Bridge” To find out how to access a local device -- https://www.youtube.com/watch?v=OlhCAX1qBQo Recent News New Update v.1.2 Port...
CVE-2019-6273
downloadfile in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files...
GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal
Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://www.gl-inet.com/ Software Link: https://www.gl-inet.com/products/gl-ar300m/ Version: Firmware version...