7 matches found
EUVD-2020-18660
Malware in sbrugna...
PT-2022-6406 · NetGear · Netgear Cax30
Name of the Vulnerable Software and Affected Versions: NETGEAR CAX30S (affected versions not specified); NETGEAR CAX30 (affected versions not specified). Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR routers...
Information disclosure
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration endpoint allows any logged-in user (guest, standard, or admin) to view and modify information...
CVE-2020-26030
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users...
CVE-2020-26030
CVE-2020-26030 affects Zammad prior to 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header when SSO is not configured, allowing an attacker to create a valid authenticated session and perform actions in the name of other users. The description is corroborated across ...
PT-2019-14651 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: PEGA Platform versions 7.x through 8.x. Description: The issue allows for information disclosure via a direct request to /prweb/sso/random token/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=random harness id to obtain database sche...
Cross-origin brute-forcing of Github SAML and 2FA recovery codes
Yesterday, while reading my Twitter stream, I found this interesting article about downloading GitHub SSO bypass codes. Same as Yasin Soliman, I was invited to a GitHub pre-release of the organisation SAML single sign-on (SSO) private program. And same as him, I found an issue in the same endpoint. So ...