LazyAdmin-Writeup

LazyAdmin-Writeup Beginner-friendly TryHackMe LazyAdmin writeu...

PT-2024-5088 · Siemens · Sinema Remote Connect Server

Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: A vulnerability has been identified that allows an attacker to create a user with administrative privileges. This issue is related to insecure privilege management and the...

Rapid7 Insight Agent 安全漏洞

Rapid7 Insight Agent is a lightweight software from Rapid7, Inc. that collects data from IT assets. The software is capable of collecting data from IT assets.An arbitrary file reading vulnerability exists in Rapid7 Insight Agent versions prior to 3.1.3, which stems from the software's lack of...

Siemens Industrial Edge Management 授权问题漏洞

An authorization bypass vulnerability exists in Siemens Industrial Edge Management, a Siemens platform for hosting applications from various vendors on a computing platform close to the shop floor. Lack of effective privilege management for changing passwords. The vulnerability allows an attacker...

Micro Focus NetIQ Access Manager 信息泄露漏洞

Micro Focus NetIQ Access Manager NAM is a resource access control solution from Micro Focus UK. The solution provides multiple authentication, data encryption, single sign-on, and SSLVPN for local and remote users. An information disclosure vulnerability exists in NetIQ Access Manager, which aris...

CVE-2019-19364

The CVE-2019-19364 entry concerns Sony Catalyst Production Suite 2019.1 (1.1.0.21) and Catalyst Browse 2019.1 (1.1.0.21). The vulnerability is a DLL hijacking flaw in the installers, which load DLLs that do not exist from the current directory, enabling a weak malicious user to escalate privilege...

ceph-deploy weak privilege vulnerability

ceph-deploy is a set of tools for deploying clustered storage systems. ceph-deploy fails to securely create ceph/ceph.client.admin.keyring file permissions, allowing a local attacker to read the file for sensitive information...