FreshRSS

๐Ÿ”’
โŒ About FreshRSS
โ˜ท
โ–ณ ๐Ÿ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayFull Disclosure

Zyxel IPC 3605N & 4605N / Remote shell access

Posted by Eric Urban on Aug 15

Hello everyone,

I have identified that the Zyxel IPC 3605N and 4605N IP based security
cameras have multiple flaws. Combining these together leads to the ability
for an attacker to remotely install root shell access on the device.

A web server installed for UPnP purposes allows the plaintext passwords to
be retrieved by anyone. This grants access to the web administration
interface. From there, a tarball can be downloaded, modified with a...
  • August 16th 2022 at 03:32
  • โ†—

Re: typeorm CVE-2022-33171

Posted by Andrii Kostenko via Fulldisclosure on Aug 15

I found what I think is a vulnerability in the latest typeorm 0.3.7.
TypeORM v0.3 has a new findOneBy method instead of findOneById() and it is
the only way to get a record by id

Sending undefined as a value in this method removes this parameter from the
query. This leads to the data exposure.

For example:
Users.findOneBy({id: req.query.id}) with /?id=12345 produces SELECT * FROM
Users WHERE id=12345 LIMIT 1 while removing id from the query...
  • August 16th 2022 at 03:32
  • โ†—

Win32.Ransom.BlueSky / Arbitrary Code Execution

Posted by malvuln on Aug 15

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/961fa85207cdc4ef86a076bbff07a409.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Win32.Ransom.BlueSky
Vulnerability: Arbitrary Code Execution
Description: The BlueSky ransomware looks for and executes arbitrary DLLs
in its current working directory. Therefore, we can hijack a vuln DLL,
execute our own code, control...
  • August 16th 2022 at 03:32
  • โ†—

CVE-2022-2590: Linux kernel privilege escalation vulnerability

Posted by Turritopsis Dohrnii Teo En Ming on Aug 11

Subject: CVE-2022-2590: Linux kernel privilege escalation vulnerability

Good day from Singapore,

Just sharing this Linux kernel security vulnerability.

Article: CVE-2022-2590: Linux kernel privilege escalation vulnerability
Link: https://securityonline.info/cve-2022-2590-linux-kernel-privilege-escalation-vulnerability/

Regards,

Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
  • August 12th 2022 at 01:57
  • โ†—

Backdoor.Win32.Guptachar.20 / Insecure Credential Storage

Posted by malvuln on Aug 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials "hacker01:imchampgr8" get stored
in a...
  • August 9th 2022 at 03:42
  • โ†—

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 27374. Attackers who can reach
an infected system can send a large payload and trigger a classic stack
buffer overflow...
  • August 5th 2022 at 04:15
  • โ†—

Backdoor.Win32.Bushtrommel.122 / Authentication Bypass

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 31745 runs an ftp server on
port 1030. Attackers who can reach infected systems can logon using any
username/password...
  • August 5th 2022 at 04:15
  • โ†—

Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 31745 and 1030. Adversaries
who can reach infected hosts can run commands made available by the...
  • August 5th 2022 at 04:15
  • โ†—
โŒ