PoC – Page 7 – WindowsTechs.com

Vulnerabilities open Korenix JetWave industrial networking devices to attack

Posted on February 13, 2023 by Zeljka Zorz

Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use them as a foothold for further attacks, CyberDanube researchers have found. &… Continue reading Vulnerabilities open Korenix JetWave industrial networking devices to attack→

Posted on January 26, 2023 by Zeljka Zorz

Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker could manipulate an existing public x.509 certificate to spoof their identit… Continue reading Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)→

Posted on January 18, 2023 by Zeljka Zorz

Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there’s a public PoC chaining them, CERT/CC has warned. The good news is that t… Continue reading Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)→

Posted on January 17, 2023 by Zeljka Zorz

If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because Horizon3’s will be releasing technical details and a PoC exploit this week…. Continue reading PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)→

Posted on January 16, 2023 by Zeljka Zorz

If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a critical command injection flaw (CVE-2022-46169). About Cacti and CVE-2022-4616… Continue reading Cacti servers under attack by attackers exploiting CVE-2022-46169→

Posted on January 12, 2023 by Zeljka Zorz

Cisco has acknowledged one critical (CVE-2023-20025) and two medium-severity (CVE-2023-20026, CVE-2023-20045) vulnerabilities affecting some of its Small Business series of routers, but won’t be fixing them as the devices “have entered the … Continue reading Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026)→

Posted on December 21, 2022 by Zeljka Zorz

Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on Microsoft Exchange servers. The ProxyNotShell exploit chain used CVE-2022-41040, a S… Continue reading New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)→

Posted on December 12, 2022 by Zeljka Zorz

A high-risk stack overflow vulnerability (CVE-2022-20968) may allow attackers to DoS or possibly even execute code remotely on Cisco 7800 and 8800 Series IP phones, the company has confirmed. Cisco‘s PSIRT is also aware that proof-of-concept expl… Continue reading Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)→

Posted on October 14, 2022 by Zeljka Zorz

Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, and soon after exploitation attempts started rising. “[On Thursday], the… Continue reading Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount→

Posted on July 13, 2022 by Ben Coxworth

While bike helmets do provide a great deal of protection, it’s certainly still possible to sustain a head injury when wearing one. This fact prompted two Swedish companies to develop a prototype airbag-equipped helmet, which could make a big difference… Continue reading Airbag bike helmet boasts better protection of cyclists’ noggins→