CVE-2023-47254

An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attackers to execute arbitrary system commands and escalate privileges via any account created within the web interface...

CVE-2023-47254

An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote attackers to execute arbitrary system commands and escalate privileges via any account created within the web interface...

A week in security (December 9 – 15)

Last week on Malwarebytes Labs, we cautioned readers against purchasing potentially privacy-invasive, cyber-insecure smart doorbells, warned about a new credit card skimmer vulnerability embedded within hundreds of fraudulent web sites selling supposedly name-brand shoes, and looked at the newest...

Symantec Discovery Web Accounts Null Password

SUMMARY Risk Impact Medium Remote Access | Yes ---|--- Local Access | Yes Authentication Required | No Exploit publicly available | NA AFFECTED PRODUCTS Product | Version | Solution ---|---|--- ON Command Discovery Standard Edition | 4.5.x | Downloadable Updates ON Command Discovery Web Edition |...