Category Archives: Unauthenticated Action

SSD Advisory – Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation

Posted on by

Vulnerabilities Summary Cisco Prime Infrastructure (CPI) contains two vulnerabilities that when exploited allow an unauthenticated attacker to achieve root privileges and execute code remotely. The first vulnerability is a file upload vulnerability tha… Continue reading SSD Advisory – Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation

SSD Advisory – CloudByte ElastiStor OS Unauthenticated Remote Code Execution

Posted on by

Vulnerabilities Summary The following advisory describes two vulnerabilities found in ElastiCenter, ElastiStor’s management console, File Injection that leads to unauthenticated remote code execution. ElastiCenter is the centralized management to… Continue reading SSD Advisory – CloudByte ElastiStor OS Unauthenticated Remote Code Execution

SSD Advisory – QRadar Remote Command Execution

Posted on by

Vulnerability Summary Multiple vulnerabilities in QRadar allow a remote unauthenticated attackers to cause the product to execute arbitrary commands. Each vulnerability on its own is not as strong as their chaining – which allows a user to change… Continue reading SSD Advisory – QRadar Remote Command Execution

SSD Advisory – TrustPort Management Unauthenticated Remote Code Execution

Posted on by

Vulnerability Summary Multiple vulnerabilities in TrustPort’s management product allow remote unauthenticated attackers to cause the product to execute arbitrary code. TrustPort Management “offers you an effective and practical way to insta… Continue reading SSD Advisory – TrustPort Management Unauthenticated Remote Code Execution

SSD Advisory – TerraMaster TOS Unauthenticated Remote Command Execution

Posted on by

Vulnerability Summary The following advisory describes a unauthenticated remote command execution found in TerraMaster TOS 3.0.33. TOS is a “Linux platform-based operating system developed for TerraMaster cloud storage NAS server. TOS 3 is the th… Continue reading SSD Advisory – TerraMaster TOS Unauthenticated Remote Command Execution

SSD Advisory – AppWeb Authentication Bypass (Digest, Basic and Forms)

Posted on by

Vulnerability Summary A critical vulnerability in the EmbedThis HTTP library, and Appweb versions 5.5.x, 6.x, and 7.x including the latest version present in the git repository. In detail, due to a logic flaw, with a forged HTTP request it is possible … Continue reading SSD Advisory – AppWeb Authentication Bypass (Digest, Basic and Forms)

SSD Advisory – TrendNet AUTHORIZED_GROUP Information Disclosure

Posted on by

Vulnerability Summary The following advisory describes an information disclosure found in the following TrendNet routers: TEW-751DR – v1.03B03 TEW-752DRU – v1.03B01 TEW733GR – v1.03B01 TRENDnet’s “N600 Dual Band Wireless R… Continue reading SSD Advisory – TrendNet AUTHORIZED_GROUP Information Disclosure

SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow

Posted on by

The following advisory describes one (1) vulnerability found in CloudMe. CloudMe is “a file storage service operated by CloudMe AB that offers cloud storage, file synchronization and client software. It features a blue folder that appears on all … Continue reading SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow

SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities

Posted on by

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Cisco RV132W Wireless N VPN version 1.0.1.8 The Cisco RV132W Wireless-N ADSL2+ VPN Router is “easy to use, set up, and deploy. This flexible router offers g… Continue reading SSD Advisory – Hack2Win – Cisco RV132W Multiple Vulnerabilities