CVE-2021-20109

Due to the Asset Explorer agent not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP address. This will allow an attacker to send a NEWSCAN request to a listening agent on the network as well as receive the...

ZOHO ManageEngine AssetExplorer 信任管理问题漏洞

ZOHO ManageEngine AssetExplorer is a suite of asset management software from ZOHO USA. The software provides asset tracking, scanning of IT assets, and asset ownership tracking. ZOHO ManageEngine AssetExplorer suffers from a Trust Management Issue vulnerability that can be exploited by an attacke...

Netsparker 4 - Easier to Use, More Automation and Much More Web Security Checks

Netsparker Web Application Security Scanner version 4. The main highlight of this new version is the new fully automated Form Authentication mechanism; it does not require you to record anything, supports 2 factor authentication and other authentication mechanisms that require a one time code to...