15 matches found
(0Day) Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to a storage account token. An attacker can leverage this...
EUVD-2017-5930
Malware in sbrugna...
CVE-2025-10643
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2025-10643
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2025-10643
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2025-10643 Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability
Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2025-10643
Wondershare Repairit contains an authentication bypass vulnerability (CVE-2025-10643) caused by incorrect permissions for a storage account token. The flaw allows remote attackers to bypass authentication on affected installations, with CVSS3 base score 9.1 (CRITICAL) and an attack vector of NETW...
Microsoft mitigated exposure of internal information in a storage account due to overly-permissive SAS token
Summary As part of a recent Coordinated Vulnerability Disclosure CVD report from Wiz.io, Microsoft investigated and remediated an incident involving a Microsoft employee who shared a URL for a blob store in a public GitHub repository while contributing to open-source AI learning models. This URL...
Citrix MCS failed when Azure storage account configured with TLS 1.2 Version.
Citrix MCS fails if the Azure storage account is configured with the TLS 1.2 version...
BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner
An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research: https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overvi...
Threat matrix for storage services
The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...
Threat matrix for storage services
The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat protection and mitigation strategies and...
WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities
Summary An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. Tested Versions WAGO PFC200 Firmware version 03.02.0214 WAGO...
CVE-2017-14427
D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/run/storageaccountroot permissions...
CVE-2017-14427
D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/run/storageaccountroot permissions...