225 matches found
CVE-2020-25783
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function CNetClientTalk::OprMsg during incoming message handling...
CVE-2020-25782
CVE-2020-25782 affects the Accfly Wireless Security IR Camera System 720P with software versions v3.10.73–v4.15.77. The issue is an unauthenticated stack-based buffer overflow in CNetClientManage::ServerIP_Proto_Set during incoming message handling, leading to potential high-severity impact. This...
CVE-2020-25782
An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIPProtoSet during incoming message handling...
Accfly Wireless Security IR Camera System 720P Software 缓冲区错误漏洞
Accfly Wireless Security IR Camera System 720P Software is an application from Accfly USA for controlling this camera. A buffer overflow vulnerability exists in Accfly Wireless Security IR Camera System 720P Software versions v3.10.73 through v4.15.77, which stems from an unauthenticated...
Exploit for Out-of-bounds Write in Accfly 720P_Firmware
PoC exploit for CVE-2020-25782, CVE-2020-25783, CVE-2020-25784,...
CVE-2019-3405
The CVE-2019-3405 issue affects 360F5 firmware 3.1.3.64296 and lower. A third party can craft and send a specific illegal 802.11 Null Data Frame to cause the AP to transmit a deauthentication frame, disconnecting wireless clients and enabling a DoS against the router’s wireless. The available sou...
Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips
During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an...
This One Time on a Pen Test: Thanks for Sharing Your Wi-Fi
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part of an ongoing series featuring testimonials of what goes on beneath the hoodie. For more insights, check out our 2020 Under the Hoodie report. For...
Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution Exploit Author: Wadeek Hardware Version: EW-7438RPn-v3 Mini Firmware Version: 1.23 / 1.27 Vendor Homepage:...
CVE-2012-2736
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network...
DEBIAN-CVE-2012-2736
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network...
Open redirect
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network...
Amazon's Ring Video Doorbell Lets Attackers Steal Your Wi-Fi Password
Security researchers at Bitdefender have discovered a high-severity security vulnerability in Amazon's Ring Video Doorbell Pro devices that could allow nearby attackers to steal your WiFi password and launch a variety of cyberattacks using MitM against other devices connected to the same network...
SUSE-SU-2019:2859-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19718 fixes several issues. The following security issues were fixed: - CVE-2019-10220: Fixed a relative path escape in the Samba client module bsc1144903, bsc1153108. - CVE-2019-17133: Fixed a buffer overflow in cfg80211mgdwextgiwessid in...
Eaphammer v1.9.0 - Targeted Evil Twin Attacks Against WPA2-Enterprise Networks
by Gabriel Ryan s0lst1c3gryanatspecterops.io EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface tha...
Null pointer dereference
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference...
Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting
Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492 Exploit Author: ABDO10 Date : July, 11th 2019 Product : Tenda D301 v2 Modem Router version : v2 Vendor Homepage:...
Novatek NT9665X HFS Recv buffer overflow code execution vulnerability
Summary An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code executio...
CVE-2019-6279
ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password...
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Cross-Site Request Forgery CSRF Date: 14/01/2019 Exploit Author: Kumar Saurav Reference:...