PT-2026-26432

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplug call function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference Vulnerability

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page:...

The vulnerability of the ms_lib_process_bootblock() function in the drivers/usb/storage/ene_ub6250.c file of the ene_usb6250 driver for the ENE SD/MS embedded system in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the mslibprocessbootblock function in the drivers/usb/storage/eneub6250.c file of the eneusb6250 driver for the ENE SD/MS embedded system in the Linux operating system is related to access to memory beyond the allocated buffer. Exploiting this vulnerability could allow a...

The vulnerability of the Gunyah Resource Manager service on Android and Linux embedded platforms of Qualcomm devices allows a hacker to induce a service failure.

The vulnerability of the Gunyah Resource Manager service for Android and Linux embedded devices on Qualcomm systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a attacker to cause a service failure by sending specially crafted messages from the...

PT-2022-2808 · U-Boot +4 · U-Boot +4

Name of the Vulnerable Software and Affected Versions: U-Boot version 2022.01 Description: The issue is related to a buffer overflow in the CONFIG IP DEFRAG function, which is responsible for IP packet defragmentation in U-Boot bootloaders for Linux-based embedded operating systems. This is cause...

BotenaGo botnet malware targeting millions of IoT devices

By Deeba Ahmed The malware is currently targeting Linux-embedded routers and IoT devices through botnets. This is a post from HackRead.com Read the original post: BotenaGo botnet malware targeting millions of IoT devices...

The vulnerability in the `dns_parse_callback` function in the `network/lookup_name.c` library for the C language, used in Linux-based embedded operating systems, allows a attacker to cause a service failure.

The vulnerability of the dnsparsecallback function in the network/lookupname.c library for the C language, used in Linux-based operating systems, relates to the lack of restrictions on the number of addresses that can be entered. Exploiting this vulnerability could allow a remote attacker to caus...

Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance

Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro [email protected], Agile Information Security http://www.agileinfosec.co.uk/ Disclosure: 04/08/2016 / Last updated: 05/08/2016 Background on the affected...

Remote Command Execution Vulnerability in iGuardian Security Guardian

iGuardian is a router-based application embedded in the Linux operating system, with Snort an intrusion detection system as an embedded command-and-control system. A remote command execution vulnerability exists in the iGuardian Security/apps/login.php file. This allows an attacker to remotely...

NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vul

Exploit for hardware platform in category remote exploits Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro email protected, Agile Information Security http://www.agileinfosec.co.uk/...

Samsung DVR authentication bypass

Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...

Samba remote code execution vulnerability, Patch Released !

Samba remote code execution vulnerability, Patch Released ! Samba is an award-winning free software file, print and authentication server suite for Windows clients. The project was begun by Australian Andrew Tridgell. There is a serious remotely exploitable vulnerability in the Samba open-source...

kyocera-traversal.txt

Kyocera Command Center Directory Traversal Vulnerability Version: I've tested this vulnerability to Kyocera Command Center embedded in FS-118MFP system Linux embedded printer but I suppose that other Kyocera printers may be vulnerable Vulnerability: Directory Traversal Risk: Critical Description...