Web Security Dog (IIS Edition) Upload Bypass Vulnerability

Website Security Dog IIS Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection features for comprehensive website security. Web Security Dog IIS Version V4.0.20336 has an upload bypass vulnerability that allows...

CVE-2017-17910

On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The intercepti...

GitLab: GitHub import allows user to create child group under existing namespace

When importing a GitHub repository on GitLab, a request is made to /import/github. The user is allowed to pass along a target namespace where they want to add the repository. In this process, the code will create the namespace if it doesn't exist already. However, this can be used to create a...

BtleJuice Framework - Bluetooth Smart (LE) Man-in-the-Middle Framework

BtleJuice is a complete framework to perform Man-in-the-Middle attacks on Bluetooth Smart devices also known as Bluetooth Low Energy. It is composed of: an interception core an interception proxy a dedicated web interface Python and Node.js bindings How to install BtleJuice ? Installing BtleJuice...

CVE-2017-15321

Huawei FusionSphere OpenStack V100R006C000SPC102 NFV has an information leak vulnerability due to the use of a low version transmission protocol by default. An attacker could intercept packets transferred by a target device. Successful exploit could cause an information leak...

Multiple Huawei products CIDAM protocol information leakage vulnerability

Huawei DP300 etc. are products of Huawei, China.DP300 is a videoconferencing terminal.RP200 is an all-in-one videoconferencing device.CIDAM is one of the message transfer protocols. An information disclosure vulnerability exists in the CIDAM protocol in several Huawei products due to the...

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

Puppet Enterprise console session vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. console is one of the console tools. ...

CVE-2015-8470

The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session...

Schneider Electric Pelco VideoXpert Missing Encryption Of Sensitive Information

Summary VideoXpert is a video management solution designed for scalability, fitting the needs surveillance operations of any size. VideoXpert Ultimate can also aggregate other VideoXpert systems, tying multiple video management systems into a single interface. Description The software transmits...

Uber: The Microsoft Store Uber App Does Not Implement Server-side Token Revocation

Summary The Microsoft Store Uber App Windows Phone Architecture does not properly revoke or expire a rider's x-uber-token upon app signout. Security Impact When a user logs out/signs off of the app, the logout process is handled only locally on the application side, and without any type of...

Unauthorized Access Vulnerability in Xiao Feng Air Ching App Android Version

Ltd. developed with the work of the Xiao Feng Air Dorothy system APP, mainly used to monitor the indoor air quality and Xiao Feng Air Dorothy internal and external machine running status, monitoring items including PM2.5, formaldehyde, oxygen, temperature and humidity, and can be through the APP...

Xiaofeng Air Ching App for Android has an overstepping loophole

Ltd. developed with the work of the Xiao Feng Air Dorothy system APP, mainly used to monitor the indoor air quality and Xiao Feng Air Dorothy internal and external machine running status, monitoring items including PM2.5, formaldehyde, oxygen, temperature and humidity, and can be through the APP...

Smart Heat Temperature Control App for Android suffers from an override access vulnerability

Smart Heat Temperature Control APP a home temperature control software, users only need to add the home's Internet-accessible thermostat to the software, you can use your phone or tablet to control the temperature of your home's HVAC equipment. The Android version of Smart Heat Temperature Contro...

Wise Ride Android App Has Logic Design Flaws

Smart Ride Ride Le app is a smart city public bike rental app. There is a logic design loophole in the Zhixing Jiale Android app. After logging into the system, an attacker can modify the amount of payment arbitrarily by clicking on the "Alipay Payment Credit Deposit" option and intercepting it...

The vulnerability of Zyxel Wi-Fi transponders lies in the use of pre-set credentials, which allows attackers to intercept DNS requests.

The vulnerability of the Zyxel Wi-Fi signal relay stems from the use of pre-set account credentials “root” and “admin” default password: 1234 during Telnet protocol connections. Exploiting this vulnerability allows a remote attacker to intercept DNS requests by reconfiguring the built-in...

CVE-2017-5729

Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle...

Logic Design Vulnerability in EasyCMS Frontend

EasyCMS is lightweight scalable open source content management program, following the Apache2 open source agreement. A logical design vulnerability exists in the frontend of EasyCMS. Attackers can log into the user center and modify other people's mailboxes and data by intercepting and modifying...

Design/Logic Flaw

An exploitable vulnerability exists in the torlist update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the product to run an attacker-supplied shell script. An attacker can intercept and alter network traffic to trigger this vulnerability...

Design/Logic Flaw

An exploitable vulnerability exists in the firmware update functionality of Circle with Disney. Specially crafted network packets can cause the product to run an attacker-supplied shell script. An attacker can intercept and alter network traffic to trigger this vulnerability...