51 matches found
EUVD-2018-7328
Malware in sbrugna...
EUVD-2018-1237
Malware in sbrugna...
EUVD-2018-7307
Malware in sbrugna...
CVE-2024-5951
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5952
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947
The CVE-2024-5947 issue affects Deep Sea Electronics DSE855. It arises from a missing authentication flow in the web UI that allows access to the configuration backup (Backup.bin), enabling network-adjacent attackers to disclose stored credentials. The flaw is exploitable without authentication v...
CVE-2024-5951
CVE-2024-5951 affects Deep Sea Electronics DSE855 devices. The flaw occurs in the web-based UI where there is a lack of authentication before granting access to functions, enabling network-adjacent attackers to trigger a denial-of-service by abusing authenticated-access gaps. Documents consistent...
CVE-2024-5951 Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5952 Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5952
CVE-2024-5952 affects Deep Sea Electronics DSE855 devices. The flaw is in the web-based UI where authentication is not required, allowing network-adjacent attackers to bypass auth and trigger a denial-of-service condition. Documented by ZDI (ZDI-24-676) and referenced in NVD/NVD-derived entries; ...
(0Day) Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI. The issue results from the lack ...
(0Day) Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI. The issue results from the lack of...
CVE-2023-20189
CVE-2023-20189 affects Cisco Small Business Series Switches with a vulnerable web-based UI. The issue is caused by improper validation of requests to the web interface, allowing an unauthenticated remote attacker to cause a DoS or to execute arbitrary code with root privileges. Cisco’s advisory C...
Striker - A Command And Control (C2)
Striker is a simple Command and Control C2 program. Disclaimer This project is under active development. Most of the features are experimental, with more to come. Expect breaking changes. Features A Agents Native agents for linux and windows hosts. Self-contained, minimal python agent should you...
CVE-2021-20995 WAGO: Managed Switches: Storage of user credentials in a cookie
In multiple managed switches by WAGO in different versions the webserver cookies of the web based UI contain user credentials...
Cisco IOS XE Software Arbitrary File Write (cisco-sa-20180328-wfw)
According to its self-reported version, Cisco IOS XE Software is affected by an arbitrary file write vulnerability in the web-based user interface web UI due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An authenticated, remote attacker c...