33 matches found
MAL-2025-33747 Malicious code in spinach-kuiper-3ojs (npm)
The package spinach-kuiper-3ojs was found to contain malicious code...
MAL-2025-23493 Malicious code in ivy-kuiper-gvol (npm)
The package ivy-kuiper-gvol was found to contain malicious code...
LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement
Summary Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. In this case, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data o...
GHSA-FV2P-QJ5P-WQQ4 LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement
Summary Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. In this case, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data o...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the confKey parameter. An attacker can execute arbitrary scripts in the context of the victim's browser session by injecting a malicious payload into this parameter. Note: This is only exploitable if the...
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Trellix · January 17, 2024 This blog was written by Max Kersten The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help...
CVE-2023-6908
A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzipfile of the file kuiper/app/controllers/casemanagement.py of the component TAR Archive Handler. The manipulation of the argument dstpath leads to path traversal. It is possib...
Path traversal
A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzipfile of the file kuiper/app/controllers/casemanagement.py of the component TAR Archive Handler. The manipulation of the argument dstpath leads to path traversal. It is possib...
CVE-2023-6908 DFIRKuiper TAR Archive case_management.py unzip_file path traversal
A vulnerability, which was classified as problematic, was found in DFIRKuiper Kuiper 2.3.4. This affects the function unzipfile of the file kuiper/app/controllers/casemanagement.py of the component TAR Archive Handler. The manipulation of the argument dstpath leads to path traversal. It is possib...
CVE-2023-6908
DFIRKuiper Kuiper 2.3.4 contains a path-traversal vulnerability in the TAR Archive Handler’s unzip_file function (kuiper/app/controllers/case_management.py). Manipulating the dst_path argument enables traversal, and remote initiation is possible with high attack complexity and no required privile...
DFIRKuiper Kuiper Path Traversal Vulnerability
DFIRKuiper Kuiper is a digital investigation platform from the individual developers of DFIRKuiper that provides investigative teams and individuals with the ability to parse, search, and visualize collected evidence. A path traversal vulnerability exists in DFIRKuiper Kuiper version 2.3.4, which...
PT-2023-32816 · Unknown · Dfirkuiper Kuiper
Name of the Vulnerable Software and Affected Versions: DFIRKuiper Kuiper version 2.3.4 Description: A problematic issue was found in the TAR Archive Handler component, specifically affecting the unzip file function of the case management.py file. The manipulation of the dst path argument leads to...
kuiper-admin.nl Cross Site Scripting vulnerability OBB-3068282
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...