Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

Foscam IP Video Camera CGIProxy.fcgi Account Deletion Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during a password change resultin...

Foscam IP Video Camera CGIProxy.fcgi DNS1 Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

Foscam IP Video Camera WebService CGI Parameter Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera. A specially crafted http request can cause a stack-based buffer overflow resulting in overwriting arbitrary data on the stack frame. An attacker can simp...

Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

Foscam C1 Webcam FTP Hard Coded Password Vulnerability

Summary Hard-coded FTP credentials r:r are included in the Foscam C1 running firmware 1.9.1.12. Knowledge of these credentials would allow remote access to any cameras found on the internet that do not have port 50021 blocked by an intermediate device. Tested Versions Foscam C1 Firmware Version...

Foscam IP Video Camera CGIProxy.fcgi Account Creation Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during account creation resulting...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Password Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tes...

Foscam IP Video Camera CGIProxy.fcgi Change Username pureftpd.passwd Injection Vulnerability

Summary An exploitable injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username...

Foscam IP Video Camera CGIProxy.fcgi Query Append Buffer Overflow Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

Foscam IP Video Camera CGIProxy.fcgi FTP Startup Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command injection...

Tablib Yaml Load Code Execution Vulnerability

Summary An exploitable vulnerability exists in the Databook loading functionality of Tablib. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability. Tested Versions Tablib v0.11.4...

Artifex MuPDf JBIG2 Parser Code Execution Vulnerability

Summary An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the...

MuPDF Fitz library font glyph scaling Code Execution Vulnerability

Summary An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause a out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victi...

Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component version 9.6.1.4350 of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under th...

PowerIso Parsing Code Execution Vulnerability

Summary An stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO. A specially crafted ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific ISO file to trigger this vulnerability. Tested...

PowerISO ISO Parsing Use After Free

Summary A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. Tested Versions PowerISO 6.8 6, ...

WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability

Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...

AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of AntennaHouse DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

AntennaHouse DMC HTMLFilter iBldDirInfo Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of AntennaHouse DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to...

AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the Txo functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigge...

AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the AddSst functionality of AntennaHouse DMC HTMLFilter as used by MarkLogioc 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS file to...

AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

AntennaHouse DMC HTMLFilter DHFSummary Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious doc file to trigger this vulnerability...

AntennaHouse DMC HTMLFilter GetIndexArray Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of AntennaHouse DMC HTMLFilter as used by MarkLogioc 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS...

AntennaHouse DMC HTMLFilter Doc_GetFontTable Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the DocGetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this...

AntennaHouse DMC HTMLFilter UnCompressUnicode Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of AntennaHouse DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS fil...

AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT fil...

AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability

AntennaHouse DMC HTMLFilter DocSetSummary Code Execution Vulnerability Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An...

Randombit Botan Library X509 Certificate Validation Bypass Vulnerability

Summary A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in...

Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X . A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this...

Zabbix Proxy Server SQL Database Write Vulnerability

Summary An exploitable database write vulnerability exists in the trapper functionality of Zabbix Server 2.4.X . Specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker set up a Man-in-the-Middle server to alter trapper requests made between ...

IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability

IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability Summary An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Talos Vulnerability Report TALOS-2017-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability April 21, 2017 Report ID CVE-2016-8717 Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The devic...

ARM Mbedtls x509 ECDSA invalid public key Remote Code Execution Vulnerability

Summary An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbedTLS 2.4.0. A specially crafted x509 certificate, when parsed by mbedTLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order ...

Moxa AWK-3131A Web Application Ping Command Injection Vulnerability

Summary An exploitable OS Command Injection vulnerability exists in the web application ‘ping’ functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...

Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability

Summary An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted XLS document can lead to a arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 Tested...

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability Summary An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without...

Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability

Summary An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of...

Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability

Summary An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an...

Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability

Summary An exploitable null pointer dereference vulnerability exists in the Web Application /forms/webrunScript iwfilename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web...

Moxa AWK-3131A HTTP GET Denial of Service Vulnerability

Summary An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an ‘/’ will cause a segmentation fault in the web server. An attacker can send any of a multitude of...

Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. Tested Versions Moxa...

Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...

Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. Tested Versions Moxa AWK-3131A...

Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities

Summary An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause a malicious scripts to be executed by a victim. Tested Versions...