‼ CVE-2021-20636 ‼
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.
‼ CVE-2021-20644 ‼
via "National Vulnerability Database".
ELECOM WRC-1467GHBK-A allows arbitrary scripts to be executed on the user's web browser by displaying a specially crafted SSID on the web setup page.
‼ CVE-2021-20642 ‼
via "National Vulnerability Database".
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
‼ CVE-2021-20638 ‼
via "National Vulnerability Database".
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
‼ CVE-2021-27204 ‼
via "National Vulnerability Database".
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure.
‼ CVE-2021-20648 ‼
via "National Vulnerability Database".
ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
‼ CVE-2021-20635 ‼
via "National Vulnerability Database".
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.
‼ CVE-2021-20643 ‼
via "National Vulnerability Database".
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the administrative password of the affected device by processing a specially crafted request.
‼ CVE-2021-20637 ‼
via "National Vulnerability Database".
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
‼ CVE-2021-27205 ‼
via "National Vulnerability Database".
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure.
‼ CVE-2021-20651 ‼
via "National Vulnerability Database".
Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.
‼ CVE-2021-20645 ‼
via "National Vulnerability Database".
Cross-site scripting vulnerability in ELECOM WRC-300FEBK-A allows remote authenticated attackers to inject arbitrary script via unspecified vectors.
‼ CVE-2021-20650 ‼
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.
‼ CVE-2021-20641 ‼
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.
‼ CVE-2021-20647 ‼
via "National Vulnerability Database".
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.
‼ CVE-2021-27188 ‼
via "National Vulnerability Database".
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended for five hours) by making five invalid login attempts to a victim's account.
‼ CVE-2021-20640 ‼
via "National Vulnerability Database".
Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.
‼ CVE-2021-20639 ‼
via "National Vulnerability Database".
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
🕴 You've Got Cloud Security All Wrong: Managing Identity in a Cloud World 🕴
via "Dark Reading".
In a hybrid and multicloud world, identity is the new perimeter and a critical attack surface for bad actors.
🦿 Why cybersecurity insurance may be worth the cost 🦿
via "Tech Republic".
Cybersecurity insurance can compensate you in the event of a cyberattack. But how do you determine the right policy for your needs?
🔏 Friday Five 2/12 🔏
via "Digital Guardian".
A hack of a water treatment plant, SIM swapping used on celebrities, and a popular barcode app turned into malware - catch up on all of the week's infosec news with the Friday Five!