CVE-2018-16187

The CVE-2018-16187 issue affects Ricoh Interactive Whiteboard devices and related controllers where server certificates are not verified, enabling a man-in-the-middle to eavesdrop on encrypted communications. Affected products include D2200 (V1.3–V2.2), D5500 (V1.3–V2.2), D5510 (V1.3–V2.2), and d...

CVE-2018-16186

RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached D5520, D6500, D6510, D7500, D8400, and the display versions with RICOH Interactive Whiteboard Controller Type2 V3....

Microsoft Windows Kernel CVE-2019-0536 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Weak Password Vulnerability in Vimeo Interactive Website Management System

Chengdu Vimeo Interactive Network Technology Co., Ltd. is a technology company whose main products or services are all kinds of website construction, space domain name. Weak password vulnerability exists in the website management system of Weimei Interactive, which can be exploited by attackers t...

[SECURITY] Fedora 28 Update: python-notebook-5.5.0-6.fc28

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

GTRS - Google Translator Reverse Shell

This tools uses Google Translator as a proxy to send arbitrary commands to an infected machine. INFECTED MACHINE ==HTTPS== GOOGLE TRANSLATE ==HTTP== C2 Environment Configuration First you need a VPS and a domain, for the domain you can get a free one on Freenom. With your VPS and domain, just edi...

[SECURITY] Fedora 29 Update: python-notebook-5.7.2-1.fc29

The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...

Kamerka - Build Interactive Map Of Cameras From Shodan

Build an interactive map of cameras from Shodan. The script creates a map of Shodan cameras based on your address or coordinates. https://medium.com/@wojciech/%EA%93%98amerka-build-interactive-map-of-cameras-from-shodan-a0267849ec0a Requirements Shodan Geopy Foilum Colorama pip install -r...

RICOH Interactive Whiteboard Detection

Detection of RICOH Interactive Witeboard. The script sends a connection request to the server and attempts to detect RICOH Interactive Whiteboard and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

RICOH Interactive Whiteboard Multiple Vulnerabilities

RICOH Interactive Whiteboard is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Multiple RICOH Interactive Whiteboard Products Information Disclosure Vulnerability

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in several RICOH Interactive Whiteboard products. An attacker could exploit this vulnerability by performing a man-in-the-middle attack to steal encrypted...

Code Execution Vulnerability in Multiple RICOH Interactive Whiteboard Products

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in a number of RICOH Interactive Whiteboard products. A remote attacker could exploit the vulnerability to execute a modified program...

Multiple RICOH Interactive Whiteboard Products Restricted Lifting Vulnerability

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A security vulnerability exists in multiple RICOH Interactive Whiteboard products. The vulnerability can be exploited by an attacker to log in to the administrator settings page and modify the...

Multiple RICOH Interactive Whiteboard Products SQL Injection Vulnerabilities

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A SQL injection vulnerability exists in multiple RICOH Interactive Whiteboard products, which can be exploited by remote attackers to obtain or modify information in a database...

Command Injection Vulnerability in Multiple RICOH Interactive Whiteboard Products

RICOH Interactive Whiteboard D2200 and others are multifunction printer devices from Ricoh, Japan. A command injection vulnerability exists in multiple RICOH Interactive Whiteboard products, which can be exploited by remote attackers to execute arbitrary commands with administrative privileges...

JVN#55263945: Multiple vulnerabilities in RICOH Interactive Whiteboard

RICOH Interactive Whiteboard provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Command injection CWE-94 - CVE-2018-16184 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 9.8 CVSS v2| AV:N/AC:L/AU:N/C:C/I:C/A:C| Bas...

Sheepl - Creating Realistic User Behaviour For Supporting Tradecraft Development Within Lab Environments

Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments Introduction There are lots of resources available online relating to how you can build AD network environments for the development of blue team and red team tradecraft. However the current...

Microsoft Windows BitLocker Security Feature CVE-2018-8566 Local Security Bypass Vulnerability

Description Microsoft Windows is prone to a local security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems...

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8565 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. A local attacker can leverage this issue to disclose sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Versi...

Novahot - A Webshell Framework For Penetration Testers

novahot is a webshell framework for penetration testers. It implements a JSON-based API that can communicate with trojans written in any language. By default, it ships with trojans written in PHP, ruby, and python. Beyond executing system commands, novahot is able to emulate interactive terminals...