32 matches found
PT-2024-29989 · Hughes Network Systems +1 · Wl3000 Fusion +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves credentials to access device configuration being transmitted using an unencrypted protocol. This allows read-only access to network...
Design/Logic Flaw
Communication between the client and the server application of the affected products is partially done using CORBA Common Object Request Broker Architecture over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...
CVE-2022-3929 Communication between the client and server partially using CORBA over TCP/IP
Communication between the client and the server application of the affected products is partially done using CORBA Common Object Request Broker Architecture over TCP/IP. This protocol is not encrypted and allows tracing of internal messages. This issue affects FOXMAN-UN product: FOXMAN-UN R15B,...
Stalkerware Apps Riddled with Security Bugs
Android stalkerware apps – used to surreptitiously track people’s movements and digital activities – turn out to themselves be rife with security holes that put victims in even danger. Stalkerware can track the GPS location of a victim’s device, record conversations, capture images and snoop on...
poco code execution vulnerability
poco is an open source C++ class library for building web-based applications on servers, desktops and embedded systems. A security vulnerability exists in poco that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker could exploit the...
Dahua DHI-HCVR7216A-S3 Man-in-the-Middle Attack Vulnerability
Dahua DHI-HCVR7216A-S3 is a network DVR product from China Dahua Dahua. A man-in-the-middle attack vulnerability exists in Dahua DHI-HCVR7216A-S3 V3.210.0001.10 build 2016-06-06. As the Dahua DVR protocol running on TCP port 37777 is an unencrypted binary protocol. It allows an attacker to create...
CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
CVE-2017-6432
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Man-in-the-Middle attack allows both sniffing and injections of packets, which allows creation of...
ESC 8832 Data Controller Session Hijacking
=begin Exploit Title: ESC 8832 Data Controller multiple vulnerabilities Date: 2014-05-29 Platform: SCADA / Web Application Exploit Author: Balazs Makany Vendor Homepage: www.envirosys.com Version: ESC 8832 Data Controller Hardware Tested on: ESC 8832 Data Controller Hardware CVE : N/A Yet POC for...
ESC 8832 Data Controller - Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities =begin Exploit Title: ESC 8832 Data Controller multiple vulnerabilities Date: 2014-05-29 Platform: SCADA / Web Application Exploit Author: Balazs Makany Vendor Homepage: www.envirosys.com Version: ESC 8832 Data Controller Hardware Tested on: ESC...
CVE-2005-4704
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent across the network...
X Display Manager Control Protocol (XDMCP) Detection
The X Display Manager Control Protocol XDMCP service allows a Unix user to remotely obtain a graphical X11 login and therefore act as a local user on the remote host. If an attacker can gain a valid login and password, this service could be used to gain further access on the remote host. An...