CVE-2022-26872 Password reset interception via API

AMI Megarac Password reset interception via API...

CVE-2022-26872 Password reset interception via API

AMI Megarac Password reset interception via API...

CVE-2022-26872

CVE-2022-26872 (AMI MegaRAC BMC): password reset interception via API could enable an attacker to alter passwords through social engineering and, if exploited, enable remote control of affected servers and deployment of malware or firmware implants. Public discussions summarize the vulnerability ...

AMI MegaRAC 授权问题漏洞

AMI MegaRAC is a family of service processor products from AMI. Complete out-of-band or unlit remote management of computer systems independent of operating system state or location is available to troubleshoot computers and ensure service continuity. A security vulnerability exists in AMI Megara...

CVE-2023-22863

IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109...

A user can update information / password from other users

Description A user neither admin nor host can modify nickname, username and email from other users without permission, being a normal user. Steps to Reproduce 1. Login as user A here, called "ileana.maricel", HOST role. 2. In another browser login as user B called "ileana.mariceel", USER role. Co...

CVE-2020-9420

The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router...

IIS modules: The evolution of web shells and how to detect them

Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often results in web servers being an initial intrusion vector or mechanism of persistence. Monitoring for...

Bluetooth Core Specification 安全漏洞

The Bluetooth Core Specification is a specification. Defines the technical building blocks used by developers to create the interoperable devices that make up the thriving Bluetooth ecosystem. It is overseen by the Bluetooth Special Interest Group SIG and regularly updated and enhanced by the...

WP-Ban < 1.69.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. PoC 1. Go to the plugin settings and set these...

CVE-2022-45478

Telepad allows an attacker in a man-in-the-middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...

CVE-2022-45480

PC Keyboard WiFi & Bluetooth allows an attacker in a man-in-the-middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...

CVE-2021-35246 Unprotected Transport of Credentials (HSTS) Vulnerability

The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS encryption and use the application as a platform for attacks against its users...

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...

Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy

The Mozilla Foundation Security Advisory describes this flaw as: When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec...

PT-2022-6523 · Ruijie +7 · Ruijie +7

Name of the Vulnerable Software and Affected Versions: Cisco versions affected versions not specified NetGear versions affected versions not specified Mercury versions affected versions not specified Huawei versions affected versions not specified TP-Link versions affected versions not specified...

The attacker can steal the ETH of users that wanted to buy an NFT by sandwiching the victim transaction.

Lines of code Vulnerability details Impact The attacker can steal the ETH of users that wanted to buy an NFT by sandwiching the victim transaction. Proof of Concept In non-atomic some of the orders could fail and funds should return and the end of execute function - . But the returnETHIfAny...

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan

Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices,"...

CVE-2022-32928

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials...

CVE-2022-32928

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials...