SSD / Maor Schwartz – Page 2

Hack2Win eXtreme

Posted on January 22, 2018 by SSD / Maor Schwartz

Hack2Win is a hacking competition we launched 5 years ago. The competition had so far two flavors – Hack2Win Online and Hack2Win CodeBlue. We decided to go big this year and with Hack2Win eXtreme! Hack2Win eXtreme will focus on two primary target… Continue reading Hack2Win eXtreme→

SSD Advisory – GitStack Unauthenticated Remote Code Execution

Posted on January 15, 2018 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes an unauthenticated action that allows a remote attacker to add a user to GitStack and then used to trigger an unauthenticated remote code execution. GitStack is “a software that lets you setu… Continue reading SSD Advisory – GitStack Unauthenticated Remote Code Execution→

SSD Advisory – Seagate Personal Cloud Multiple Vulnerabilities

Posted on January 11, 2018 by SSD / Maor Schwartz

Vulnerabilities summary The following advisory describes two (2) unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is “the easiest way to store, organize, stream and share all your music, movies, photos,… Continue reading SSD Advisory – Seagate Personal Cloud Multiple Vulnerabilities→

SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access

Posted on January 8, 2018 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes an unauthenticated persistent XSS that leads to unauthorized root access found in Sophos XG version 17. Sophos XG Firewall “provides unprecedented visibility into your network, users, and app… Continue reading SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access→

SSD Advisory–D-Link DSL-6850U多个漏洞

Posted on January 7, 2018 by SSD / Maor Schwartz

漏洞概要以下安全公告描述了在D-Link DSL-6850U BZ_1.00.01 – BZ_1.00.09中的发现的两个漏洞。 D-Link DSL-6… Continue reading SSD Advisory–D-Link DSL-6850U多个漏洞→

Know your community – Sergi Alvarez AKA Pancake

Posted on January 4, 2018 by SSD / Maor Schwartz

The creator of Radare2, vulnerability researcher, chef and a family man – meet Sergi Alvarez also known as Pancake! Questions Q: How many years have you been working in the security field? A: I started programming BASIC in Spectrum and PC/M. Then… Continue reading Know your community – Sergi Alvarez AKA Pancake→

SSD Advisory – Livebox Fibra (Orange Router) Multiple Vulnerabilities

Posted on January 3, 2018 by SSD / Maor Schwartz

Vulnerabilities Summary The following advisory describes four (4) vulnerabilities found in Livebox Fibra router version AR_LBFIBRA\_sp-00.03.04.112S. It is possible to chain the vulnerabilities into remote code execution. The “Livebox Fibra&#8221… Continue reading SSD Advisory – Livebox Fibra (Orange Router) Multiple Vulnerabilities→

SSD Advisory – D-Link DSL-6850U Multiple Vulnerabilities

Posted on January 1, 2018 by SSD / Maor Schwartz

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in D-Link DSL-6850U versions BZ_1.00.01 – BZ_1.00.09. D-Link DSL-6850U is a router “manufactured by D-Link for Bezeq in Israel” The vulnerabilities… Continue reading SSD Advisory – D-Link DSL-6850U Multiple Vulnerabilities→

SSD安全公告-vBulletin routestring未经验证的远程代码执行

Posted on December 31, 2017 by SSD / Maor Schwartz

漏洞概要以下安全公告描述了在vBulletin5中发现的一个未经身份验证的文件包&… Continue reading SSD安全公告-vBulletin routestring未经验证的远程代码执行→

SSD Advisory – Kingsoft Antivirus/Internet Security 9+ Privilege Escalation

Posted on December 26, 2017 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes a kernel stack buffer overflow that leads to privilege escalation found in Kingsoft Antivirus/Internet Security 9+. Kingsoft Antivirus “provides effective and efficient protection solution at… Continue reading SSD Advisory – Kingsoft Antivirus/Internet Security 9+ Privilege Escalation→