βΌ CVE-2022-38616 βΌ
π Read
via "National Vulnerability Database".
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf.π Read
via "National Vulnerability Database".
π΄ Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems π΄
π Read
via "Dark Reading".
The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.π Read
via "Dark Reading".
Dark Reading
Lorenz Ransomware Goes After SMBs via Mitel VoIP Phone Systems
The ransomware gang has been seen exploiting a Mitel RCE flaw discovered in VoIP devices in April (and patched in July) to perform double-extortion attacks.
ποΈ Letβs Encrypt builds infrastructure to support browser-based certificate revocation revival ποΈ
π Read
via "The Daily Swig".
CRLs are back, baby!π Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Letβs Encrypt builds infrastructure to support browser-based certificate revocation revival
CRLs are back, baby!
π1
βΌ CVE-2022-36779 βΌ
π Read
via "National Vulnerability Database".
PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301π Read
via "National Vulnerability Database".
βΌ CVE-2022-36385 βΌ
π Read
via "National Vulnerability Database".
A threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent changes to device functionality. No authentication or controls are in place to prevent a threat actor from maliciously modifying firmware and performing a drive-by attack to load the firmware on any CMS8000 device.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38541 βΌ
π Read
via "National Vulnerability Database".
Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36782 βΌ
π Read
via "National Vulnerability Database".
Pal Electronics Systems - Pal Gate Authorization Errors. The vulnerability is an authorization problem in PalGate device management android client app. Gates of bulidings and parking lots with a simple button in any smartphone. The API was found after a decompiling and static research using Jadx, and a dynamic analasys using Frida. The attacker can iterate over all the IOT devices to see every entry and exit, on every gate and device all over the world, he can also scrape the server and create a user's DB with full names and phone number of over 2.8 million users, and to see all of the users' movement in and out of gates, even in real time.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38069 βΌ
π Read
via "National Vulnerability Database".
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical access to gain privileged access to any device. Privileged credential access enables the extraction of sensitive patient information or modification of device parametersπ Read
via "National Vulnerability Database".
βΌ CVE-2022-2990 βΌ
π Read
via "National Vulnerability Database".
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38538 βΌ
π Read
via "National Vulnerability Database".
Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38139 βΌ
π Read
via "National Vulnerability Database".
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.1.3 at WordPress.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36778 βΌ
π Read
via "National Vulnerability Database".
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2989 βΌ
π Read
via "National Vulnerability Database".
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3027 βΌ
π Read
via "National Vulnerability Database".
The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38100 βΌ
π Read
via "National Vulnerability Database".
The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. A threat actor with network access can remotely issue a specially formatted UDP request that will cause the entire device to crash and require a physical reboot. A UDP broadcast request could be sent that causes a mass denial-of-service attack on all CME8000 devices connected to the same network.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38540 βΌ
π Read
via "National Vulnerability Database".
Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38453 βΌ
π Read
via "National Vulnerability Database".
Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debug_info' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36780 βΌ
π Read
via "National Vulnerability Database".
Avdor CIS - crystal quality Credentials Management Errors. The product is phone call recorder, you can hear all the recorded calls without authenticate to the system. Attacker sends crafted URL to the system: ip:port//V=2;ChannellD=number;Ext=number;Command=startLM;Client=number;Request=number;R=number number - id of the recorded number.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1278 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1602 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 (SP9). HP has released Service Pack 10 (SP10) to remediate the potential vulnerability introduced in SP8.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3190 βΌ
π Read
via "National Vulnerability Database".
Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture fileπ Read
via "National Vulnerability Database".