βΌ CVE-2023-2649 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2646 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in TP-Link Archer C7v2 v2_en_us_180114 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Parameter Handler. The manipulation leads to denial of service. The attack can only be done within the local network. The associated identifier of this vulnerability is VDB-228775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2645 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of the component Web Management Page. The manipulation of the argument username/password with the input root leads to use of hard-coded password. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. VDB-228774 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2643 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester File Tracker Manager System 1.0. This vulnerability affects unknown code of the file register/update_password.php of the component POST Parameter Handler. The manipulation of the argument new_password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228772.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2642 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. This affects an unknown part of the file adminpanel/admin/facebox_modal/updateCourse.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228771.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2647 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.π Read
via "National Vulnerability Database".
π΄ 2023 AT&T Cybersecurity Insights Report: Edge Ecosystem π΄
π Read
via "Dark Reading".
The 2023 AT&T Cybersecurity Insights Report examines how edge use cases are evolving, how organizations are changing to deliver better business outcomes through digital first experiences, and how an integrated ecosystem can work together to put security at the core of edge computing. π Read
via "Dark Reading".
Dark Reading
2023 AT&T Cybersecurity Insights Report: Edge Ecosystem
The 2023 AT&T Cybersecurity Insights Report examines how edge use cases are evolving, how organizations are changing to deliver better business outcomes through digital first experiences, and how an integrated ecosystem can work together to put security atβ¦
π1
π΄ Why Economic Downturns Put Innovation at Risk & Threaten Cyber Safety π΄
π Read
via "Dark Reading".
Supplementing staff by hiring hackers to seek holes in a company's defense makes economic sense in a downturn. Could they be cybersecurity's unlikely heroes in a recession?π Read
via "Dark Reading".
Dark Reading
Why Economic Downturns Put Innovation at Risk & Threaten Cyber Safety
Supplementing staff by hiring hackers to seek holes in a company's defense makes economic sense in a downturn. Could they be cybersecurity's unlikely heroes in a recession?
π΄ Dragos Employee Hacked, Revealing Ransomware, Extortion Scheme π΄
π Read
via "Dark Reading".
Attackers compromised the personal email of a new employee and, when the initial attack failed, attempted through socially engineered messages to get the company to pay them off.π Read
via "Dark Reading".
Dark Reading
Dragos Employee Hacked, Revealing Ransomware, Extortion Scheme
Attackers compromised the personal email of a new employee and, when the initial attack failed, attempted through socially engineered messages to get the company to pay them off.
βΌ CVE-2023-0857 βΌ
π Read
via "National Vulnerability Database".
Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers(*) may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2656 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_service. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-228798 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0856 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0855 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29863 βΌ
π Read
via "National Vulnerability Database".
Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0858 βΌ
π Read
via "National Vulnerability Database".
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31445 βΌ
π Read
via "National Vulnerability Database".
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0853 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0852 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0859 βΌ
π Read
via "National Vulnerability Database".
Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0851 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34076 βΌ
π Read
via "National Vulnerability Database".
File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.π Read
via "National Vulnerability Database".