VU#884840: Animas OneTouch Ping insulin pump contains multiple vulnerabilities

The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data,or execute commands on the device. The attacker cannot obtain personally identifiable information. Continue reading VU#884840: Animas OneTouch Ping insulin pump contains multiple vulnerabilities

VU#667480: AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities

AVer Information EH6108H+hybrid DVR,version X9.03.24.00.07l and possibly earlier,reportedly contains multiple vulnerabilities,including undocumented privileged accounts,authentication bypass,and information exposure. Continue reading VU#667480: AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities

VU#974424: Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Crestron Electronics DM-TXRX-100-STR,version 1.2866.00026 and earlier,has a web management interface which contains multiple vulnerabilities,including authentication bypass,failure to restrict access to authorized users,use of hard-coded certificate,default credentials,and cross-site request forgery(CSRF). These vulnerabilities may be leveraged to gain complete control of affected devices. Continue reading VU#974424: Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Netgear Router Update Removes Hardcoded Crypto Keys

Netgear on Friday released firmware updates for two of its router products lines, patching a hardcoded cryptographic key and an authentication bypass flaw that were reported six months ago. Continue reading Netgear Router Update Removes Hardcoded Crypto Keys