174 matches found
MikroTik RouterOS Improper Certificate Validation (CVE-2018-10066)
An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server. This may allow the attacker to gain access to the client's internal network fo...
Design/Logic Flaw
A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can...
openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0232-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0232-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...
openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0233-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0233-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...
CVE-2023-3272
Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted...
Input validation
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view o...
Serious Security Vulnerability Discovered in Promotion
Description I am writing to report a serious security vulnerability that we have uncovered. Specifically, we have found that promotions applied to certain client groups are still being honored even after the promotions are no longer applicable to those groups. This means that attackers can...
PT-2023-24674 · Avo · Avo
Name of the Vulnerable Software and Affected Versions: Avo affected versions not specified Description: The issue concerns some Avo fields being vulnerable to Cross Site Scripting XSS when rendering HTML-based content. Attackers need form edit privilege to exploit this vulnerability, but the...
Design/Logic Flaw
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...
Insecure Business Logic - Client Side Enforcement Bypass on User Account Deletion
Description The application enforces account deletion on the client-side with a popup that states the admin account cannot be deleted. Additionally, regular users do not have an option in the interface to delete their own account. An administrative and regular-privileged user are able to bypass...
Privilege Escalation in the Cockpit CMS
Description Hi, during my analyses I realized that it is possible to perform a privilege escalation by intercepting the request and changing the roles from "user" to "admin" becoming the application's administrator. Proof of Concept poc:...
Default credentials
The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router...
Slack: Ability to join an arbitrary workspace by utilizing a proxy to manipulate invite links
A vulnerability was found in Slack that allowed experienced researchers to utilize an intercepting proxy to manipulate invite links and join an arbitrary workspace without admin approval. The issue was fixed immediately and no customers were impacted...
U.S. Dept Of Defense: Authentication bypass leads to Information Disclosure at U.S Air Force "https://███"
Hi Hackerone Triage team, I'm new in this program, what i understood that every Web Owned/Operated by DoD is in scope , so i did some google searches , exactly in wikipedia and i've find this PNG that confirms that U.S Air Force is in scope :...
Authorization Bypass
drupal7 is vulnerable to authorization bypass. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles...
CVE-2022-26493
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...
Authorization
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...
DEBIAN-CVE-2022-30783
An invalid return code in fusekernmount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite...
CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
PYSEC-2022-170
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...