20 matches found
AXIS Communications - Cross-Site Scripting Content Injection
AXIS Communications - Cross-Site Scripting Content Injection 0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs -...
AXIS Communications - Cross-Site Scripting / Content Injection
0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Improper Input Validation CWE-20 - CVE Name:...
AXIS Network Camera Cross Site Scripting
I. ADVISORY INFORMATION ----------------------- Title: Axis Network Cameras Multiple Cross-site scripting Vendor: Axis Communications Class: Improper Input Validation CWE-20 CVE Name: CVE-2015-8256 Remotely Exploitable: Yes Locally Exploitable: No OLSA-ID: OLSA-2015-8256 vulnerability -----------...
AXIS Network Camera Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications I. ADVISORY INFORMATION ----------------------- Title: Axis Network Cameras Multiple Cross-site scripting Vendor: Axis Communications Class: Improper Input Validation CWE-20 CVE Name: CVE-2015-8256 Remotely Exploitable: Yes Locally...
AXIS Communications Cross Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Advisory Information ==================== - Title: Cross-Site Request Forgery - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Session Management control CWE-352 - CVE Name: CVE-2015-8255 - Affected Versions: - I...
AXIS (Multiple Products) - Cross-Site Request Forgery
AXIS Multiple Products - Cross-Site Request Forgery 0RWELLL4BS security advisory olsa-CVE-2015-8255 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: Cross-Site Request Forgery - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Session Management...
AXIS Communications Cross Site Request Forgery
0RWELLL4BS security advisory olsa-CVE-2015-8255 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: Cross-Site Request Forgery - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Session Management control CWE-352 - CVE Name: CVE-2015-8255 - Affecte...
AXIS Authenticated Remote Command Execution
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ 0 | R | W | 3 | L | L | L | 4 | 8 | 5 / / / / / / / / / / www.orwelllabs.com security advisory olsa-2015-8257 PGP: 79A6CCC0 Advisory Information ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Title: AXIS Multiple Products...
PLANET IP LFI / CSRF / XSS / Authentication Bypass
| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-06 www.orwelllabs.com Twitter:@orwelllabs mantra: ...not affect a product that is in scope for... AhHum! Overview ======== Technical Risk: high Likelihood of...
Merit LILIN XSS / CSRF / Credential Issues
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ 0 | R | W | 3 | L | L | L | 4 | 8 | 5 / / / / / / / / / / www.orwelllabs.com securityadivisory @orwelllabs ;r By sitting in the alcove, and keeping well back, Winston was able to remain outside the range of the telescreen... Adivisory Information...
JVC XSS / CSRF / Header Injection / Weak Credentials
| | | | \ |\ \ \ / - | | | | - /| //||||,|.// www.orwelllabs.com security advisory olsa-2016-04-01 Adivisory Information +++++++++++++++++++++++ + Title: JVC Multiple Products Multiple Vulnerabilities + Vendor: JVC Professional Video + Research and Advisory: Orwelllabs + Adivisory URL:...
JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities
| | | | \ |\ \ \ / - | | | | - /| //||||,|.// www.orwelllabs.com security advisory olsa-2016-04-01 Adivisory Information +++++++++++++++++++++++ + Title: JVC Multiple Products Multiple Vulnerabilities + Vendor: JVC Professional Video + Research and Advisory: Orwelllabs + Adivisory URL:...
JVC HDRs Net (Multiple Cameras) - Multiple Vulnerabilities
JVC HDRs Net Multiple Cameras - Multiple Vulnerabilities | | | | \ |\ \ \ / - | | | | - /| //||||,|.// www.orwelllabs.com security advisory olsa-2016-04-01 Adivisory Information +++++++++++++++++++++++ + Title: JVC Multiple Products Multiple Vulnerabilities + Vendor: JVC Professional Video +...
Merit Lilin IP Cameras - Multiple Vulnerabilities
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ 0 | R | W | 3 | L | L | L | 4 | 8 | 5 / / / / / / / / / / www.orwelllabs.com securityadivisory @orwelllabs ;r By sitting in the alcove, and keeping well back, Winston was able to remain outside the range of the telescreen... Adivisory Information...
Axis Network Cameras - Multiple Vulnerabilities
Exploit for hardware platform in category web applications I. ADVISORY INFORMATION ----------------------- Title: Axis Network Cameras Multiple Cross-site scripting Vendor: Axis Communications Class: Improper Input Validation CWE-20 CVE Name: CVE-2015-8256 Remotely Exploitable: Yes Locally...
Axis Network Cameras - Multiple Vulnerabilities
Axis Network Cameras - Multiple Vulnerabilities | | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | 6079 Smith W | | | \ V V / / | | | | | | \ \ doubleplusungood /|| // ||||,|./|/ owning some telescreens... Security Adivisory 2016-04-09 www.orwelllabs.com twt:@orwelllabs I. ADVISORY...
PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities
| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-06 www.orwelllabs.com Twitter:@orwelllabs mantra: ...not affect a product that is in scope for... AhHum! Overview ======== Technical Risk: high Likelihood of...
PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities
Exploit for php platform in category web applications Overview ======== Technical Risk: high Likelihood of Exploitation: medium Credits: Discovered and researched by Orwelllabs CVE-Number: N/A DWF: Submited Adivisory URL: http://www.orwelllabs.com/2016/02/planet-ip-surveillance-camera-local.html ...
PQI Air Pen Express CSRF / XSS / Insecure Direct Object Reference
| | | | | | | | | | | | / | '\ \ /\ / / \ | | |/ | ' / | | | | \ V V / / | | | | | | \ \ /|| // ||||,|./|/ Security Adivisory 2016-04-03 www.orwelllabs.com Twitter:@orwelllabs magicword: d0ubl3th1nk1ng... Overview ======= Technical Risk: high Likelihood of Exploitation: medium Vendor: PQI...
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
ADH-Web Server IP-Cameras - Multiple Vulnerabilities 1. Adivisory Information Title: ADH-Web Server IP-Cameras Improper Access Restrictions EDB-ID: 38245 Advisory ID: OLSA-2015-0919 Advisory URL: http://www.orwelllabs.com/2015/10/adh-web-server-ip-cameras-improper.html Date published: 2015-09-19...