EUVD-2020-11110

Malware in sbrugna...

CVE-2023-43893

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...

Command injection

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...

CVE-2023-43893

CVE-2023-43893 concerns Netis N3Mv2-V1.0.1.865, where the Wake-On-LAN (WoL) function’s wakeup_mac parameter is vulnerable to command injection via a crafted payload. The issue is described across multiple sources (NVD, Red Hat, CVE List, CNNVD, etc.) as a router/network device vulnerability with ...

CVE-2023-43893

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...

CVE-2023-43893

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the wakeupmac parameter in the Wake-On-LAN WoL function. This vulnerability is exploited via a crafted payload...

Hardcoded credentials

UNSUPPORTED WHEN ASSIGNED D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php...

CVE-2022-29778

The vulnerability CVE-2022-29778 affects D-Link DIR-890L (firmware 1.20b01). The issue arises from a hardcoded Wake-On-Lan option for the descriptor parameter in SetVirtualServerSettings.php, enabling an attacker to execute arbitrary code. Concrete impact is high (remote code execution) with netw...

CVE-2022-29778

D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary code due to the hardcoded option Wake-On-Lan for the parameter 'descriptor' at SetVirtualServerSettings.php...

Ryuk Ransomware: Now with Worming Self-Propagation

A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems ANSSI. The agency...

TAU Threat Analysis: Hakbit Ransomware

The bad actors behind Hakbit ransomware recently released an updated variant of their ransomware, which encrypts the victim’s data and demands 3 Bitcoins in ransom payment. This updated variant is delivered via phishing email as a malicious Excel document, and contains added functionality from th...

TAU Threat Analysis: Hakbit Ransomware

The bad actors behind Hakbit ransomware recently released an updated variant of their ransomware, which encrypts the victim’s data and demands 3 Bitcoins in ransom payment. This updated variant is delivered via phishing email as a malicious Excel document, and contains added functionality from th...

Ubuntu: Security Advisory (USN-3371-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel (HWE) kernel vulnerabilities (USN-3371-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3371-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...

USN-3371-1: Linux kernel (HWE) kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Alexander Potapenko discovered a race condition in the Advanced Linux Sound Architecture ALSA subsystem i...

Ubuntu 16.04 LTS : Linux kernel (AWS, GKE) vulnerabilities (USN-3364-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3364-3 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...

USN-3364-3: Linux kernel (AWS, GKE) vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3364-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3364-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...

USN-3364-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 It was discovered that the Linux kernel did not properly restrict access to /proc/iomem. A local attacker...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3360-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3360-1 advisory. It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive...