Document Title:
===
D-Link DWL-2600AP - (Authenticated) OS Command Injection (Restore Configuration)
Product & Service Introduction:
===
The D-Link DWL-2600AP has a web interface for configuration. You can use any
web browser you like to login to the D-Lin
Qualys Security Advisory
The Return of the WIZard: RCE in Exim (CVE-2019-10149)
Contents
Summary
Local exploitation
Remote exploitation
- Non-defaul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1
AirPort Base Station Firmware Update 7.9.1 is now available and
addresses the following:
AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base stat
Hi,
We've just released version 2.0 of our PE crypter, hyperion.
[ CHANGELOG ]
- Support for 64bit was added
- C++ has been replaced by a more clean C implementation
- More modular concept allows extensions with custom payloads
[ DESCR ]
Hyperion is a runtime encrypter for 32- and 64-bit
Advisory ID: SYSS-2019-015
Product: R700 Laser Presentation Remote
Manufacturer: Logitech
Affected Version(s): Model R-R0010 (PID WD904XM and PID WD802XM)
Tested Version(s): Model R-R0010 (PID WD904XM and PID WD802XM)
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Advisory ID: SYSS-2019-008
Product: 2.4 GHz Wearable Wireless Presenter WP2002
Manufacturer: Inateck
Affected Version(s): n/a
Tested Version(s): n/a
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Keystroke Injection Vulnerability
Risk Level: High
So
Advisory ID: SYSS-2019-007
Product: 2.4 GHz Wireless Presenter WP1001
Manufacturer: Inateck
Affected Version(s): Rev. v1.3C
Tested Version(s): Rev. v1.3C
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Keystroke Injection Vulnerability
Risk Level: Hi
The Goby is a new network security tool for cybersecurity asset management.
After nearly six months of development, version 1.0 is being released to
the public.
Goby's main objective is to scan cybersecurity assets and vulnerabilities
with shortest time and minimum packets, which is first analyzin
Local Privilege Escalation in Rapid7’s Windows Insight IDR Agent
Metadata
===
Release Date: 03-Jun-2019
Author: Florian Bogner @ https://bee-itsecurity.at
Affected product: Rapid7’s Insight Agent v2.6.3.14 and earlier for Windows
Fixed in: version 2
Hello,
We are informing you about the vulnerabilities we reported in Shopware
5.5.6.
*Information:*
Advisory by Netsparker
Name: Multiple Cross-site Scripting Vulnerabilities in Shopware
Affected Software: Shopware
Affected Versions: 5.5.6
Homepage: https://en.shopware.com/
Vulnerability: Cr
HiddenWall is a Linux kernel module generator for custom rules with
netfilter. (block ports, Hidden mode, rootkit functions etc). The
motivation: on bad situation, attacker can put your iptables/ufw to fall...
but if you have HiddenWall, the attacker will not find the hidden kernel
module that blo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded)
Model: T2200H
Affected Firmware: T2200H-31.128L.08
Device Manual:
http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manu
al.pdf
Re
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded, but may work on others)
Model: WEB6000Q
Affected Firmware: 1.1.02.22
Reported: Sept 2018
CVE: Not needed since update is pushed by the provider.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Vendor: Actiontec (Telus Branded, but may work on others)
Model: T2200H
Affected Firmware: T2200H-31.128L.08
Device Manual:
http://static.telus.com/common/cms/files/internet/telus_t2200h_user_manu
al.pdf
Reported: Sept 2018
CVE:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded)
Model: WEB6000Q
Affected Firmware: 1.1.02.22
Reported: July 2018
CVE: Not needed since update is pushed by the provider.
### Summary of Findings
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded)
Model: WEB6000Q
Affected Firmware: 1.1.02.22
Reported: July 2018
CVE: CVE-2018-15557
### Summary of Findings
Two instances of Linux run on the WE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded)
Model: WEB6000Q
Affected Firmware: 1.1.02.22
Reported: July 2018
CVE: CVE-2018-1 (Main OS)
CVE: CVE-2018-15556 (Quantenna OS)
### Summary of F
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
### Device Details
Discovered By: Andrew Klaus (and...@aklaus.ca)
Vendor: Actiontec (Telus Branded, but may work on others)
Model: T2200H (but very likely affecting other models of theirs)
Affected Firmware: T2200H-31.128L.08
Device Manual:
http://
18 matches
Mail list logo
