EUVD-2020-18547

Malware in sbrugna...

CVE-2020-25917

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user with "helpdesk" privileges, can perform privileged operations including adding a new administrator to the platform via the easyadmin/user/submitCreateTCUser....

CVE-2020-25917

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user with "helpdesk" privileges, can perform privileged operations including adding a new administrator to the platform via the easyadmin/user/submitCreateTCUser....

Design/Logic Flaw

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user with "helpdesk" privileges, can perform privileged operations including adding a new administrator to the platform via the easyadmin/user/submitCreateTCUser....

CVE-2020-25917

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. A low privileged user on the platform, for example a user with "helpdesk" privileges, can perform privileged operations including adding a new administrator to the platform via the easyadmin/user/submitCreateTCUser....

CVE-2020-25917

CVE-2020-25917 affects Stratodesk NoTouch Center before 4.4.68. The root cause is Incorrect Access Control allowing a low-privileged user (e.g., a user with “helpdesk” privileges) to perform privileged operations, such as adding a new administrator via easyadmin/user/submitCreateTCUser.do . CVSS ...

Stratodesk Notouch Center Access Control Error Vulnerability

Stratodesk Notouch Center is a management software for a large number of clients and other devices from Stratodesk USA. The software supports access to, and control of, multiple ADIs from a single location and has the ability to manage X86 and Raspberry Pi devices. An access control error...

Stratodesk NoTouch Center Privilege Escalation

Stratodesk NoTouch Center Virtual Appliance is a portal for managing NoTouch clients. It appears that Stratodesk has a partnership with ViewSonic and produced these appliances to support some of their hardware devices as well. - https://www.stratodesk.com/products/notouch-desktop/virtual-applianc...

CVE-2020-6768

A path traversal vulnerability in the Bosch Video Management System BVMS NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 = 10.0.0.1225, 9.0 = 9.0.0.827, 8.0 = 8.0.329 and 7.5 and older. This affect...

CVE-2020-6768

CVE-2020-6768 is a path-traversal vulnerability in Bosch Video Management System (BVMS) NoTouch deployment that allows an unauthenticated remote attacker to read arbitrary files from the Central Server. Affected are BVMS during versions 10.0.0.1225 and earlier (10.x, 9.x, 8.x, 7.5 and older), BVM...