EUVD-2018-7409

Malware in sbrugna...

Geutebrueck re_porter 16 DVR Cross-site Scripting (CVE-2018-15533)

A cross-site scripting vulnerability exists in Geutebrueck re porter 16 firmware x under 7.8.974.20. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Geutebrueck re_porter 7.8.974.20 - Credential Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Geutebrueck reporter 7.8.974.20 - Credential Disclosure Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version:...

Geutebrueck re_porter 16 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Geutebrueck reporter 16 - Cross-Site Scripting Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version: prior...

Geutebrueck re_porter cross-site scripting vulnerability

Geutebrueck is a video management system from GEUREBRÜCK, Germany. sreporter is one of the hybrid recorders for digital storage and video signal transmission for MPEG4 CCTV-Standard. A cross-site scripting vulnerability exists in Geutebrueck reporter 16 versions prior to 7.8.974.20. A remote...

Geutebrueck re_porter 16 - Cross-Site Scripting

Geutebrueck reporter 16 - Cross-Site Scripting Exploit Title: Geutebrueck reporter 16 - Cross-Site Scripting Date: 2018-08-03 Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version: prio...

Geutebrueck re_porter 7.8.974.20 - Credential Disclosure

Exploit Title: Geutebrueck reporter 7.8.974.20 - Credential Disclosure Date: 2018-08-03 Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version: prior 7.8.974.20 CVE-2018-15534 PoC GET...

CVE-2018-15534

Geutebrueck reporter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003...

Cross site scripting

A reflected cross-site scripting vulnerability exists in Geutebrueck reporter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/.png on TCP port 12005...

CVE-2018-15533

A reflected cross-site scripting vulnerability exists in Geutebrueck reporter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/.png on TCP port 12005...

CVE-2018-15533

A reflected cross-site scripting vulnerability exists in Geutebrueck reporter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/.png on TCP port 12005...

CVE-2018-15533

A reflected cross-site scripting vulnerability exists in Geutebrueck reporter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/.png on TCP port 12005...

CVE-2018-15533

Geutebrueck re_porter 16 firmware versions prior to 7.8.974.20 contain a reflected cross-site scripting (XSS) vulnerability. The issue occurs by appending a query string to /modifychannel/exec or /images/.png on TCP port 12005, enabling an attacker to inject arbitrary web script into the affected...

CVE-2018-15534

Geutebrueck reporter 16 before 7.8.974.20 has a possibility of unauthenticated access to sensitive information including usernames and hashes via a direct request for /statistics/gscsetup.xml on TCP port 12003...

CVE-2018-15534

Geutebrueck re_porter 16 before 7.8.974.20 is affected. An unauthenticated request to /statistics/gscsetup.xml on TCP port 12003 can disclose usernames and password hashes (as shown in PoC evidence). Exploitation details are documented in multiple sources (exploit-db/0day.today/packetstorm). A fi...

Geutebruck re_porter 16 Credential Disclosure

Exploit Title: Geutebruck reporter 16 Credentials Disclosure Date: 03-08-2018 Exploit Author: Kamil Suska Vendor Homepage: https://www.geutebrueck.com//media/public/products/descriptionsarchive/en/reporterecon7.74007IADEENFRES.pdf Version: prior 7.8.974.20 CVE-2018-15534 GET...