Unauthenticated Action – Page 2

SSD Advisory – Hotspot Shield Information Disclosure

Posted on January 30, 2018 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes a information disclosure found in Hotspot Shield. Hotspot Shield “provides secure and private access to a free and open internet. Enabling access to social networks, sports, audio and video s… Continue reading SSD Advisory – Hotspot Shield Information Disclosure→

SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution

Posted on January 22, 2018 by SSD / Maor Schwartz

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in AsusWRT Version 3.0.0.4.380.7743. The combination of the vulnerabilities leads to LAN remote command execution on any Asus router. AsusWRT is “THE POWERFUL … Continue reading SSD Advisory – Hack2Win – Asus Unauthenticated LAN Remote Command Execution→

SSD Advisory – GitStack Unauthenticated Remote Code Execution

Posted on January 15, 2018 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes an unauthenticated action that allows a remote attacker to add a user to GitStack and then used to trigger an unauthenticated remote code execution. GitStack is “a software that lets you setu… Continue reading SSD Advisory – GitStack Unauthenticated Remote Code Execution→

SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access

Posted on January 8, 2018 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes an unauthenticated persistent XSS that leads to unauthorized root access found in Sophos XG version 17. Sophos XG Firewall “provides unprecedented visibility into your network, users, and app… Continue reading SSD Advisory – Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access→

SSD Advisory–D-Link DSL-6850U多个漏洞

Posted on January 7, 2018 by SSD / Maor Schwartz

漏洞概要以下安全公告描述了在D-Link DSL-6850U BZ_1.00.01 – BZ_1.00.09中的发现的两个漏洞。 D-Link DSL-6… Continue reading SSD Advisory–D-Link DSL-6850U多个漏洞→

SSD安全公告-vBulletin routestring未经验证的远程代码执行

Posted on December 31, 2017 by SSD / Maor Schwartz

漏洞概要以下安全公告描述了在vBulletin5中发现的一个未经身份验证的文件包&… Continue reading SSD安全公告-vBulletin routestring未经验证的远程代码执行→

SSD Advisory – Trustwave SWG Unauthorized Access

Posted on December 26, 2017 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes an unauthorized access vulnerability that allows an unauthenticated user to add their own SSH key to a remote Trustwave SWG version 11.8.0.27. Trustwave Secure Web Gateway (SWG) “provides dis… Continue reading SSD Advisory – Trustwave SWG Unauthorized Access→

SSD Advisory – Ichano AtHome IP Cameras Multiple Vulnerabilities

Posted on December 19, 2017 by SSD / Maor Schwartz

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Ichano IP Cameras. AtHome Camera is “a remote video surveillance app which turns your personal computer, smart TV/set-top box, smart phone, and tablet int… Continue reading SSD Advisory – Ichano AtHome IP Cameras Multiple Vulnerabilities→

SSD安全公告-QNAP QTS未经认证的远程代码执行漏洞

Posted on December 18, 2017 by SSD / Maor Schwartz

漏洞概要以下安全公告描述了QNAP QTS的一个内存损坏漏洞，成功利用该漏洞&#2… Continue reading SSD安全公告-QNAP QTS未经认证的远程代码执行漏洞→

SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion

Posted on December 13, 2017 by SSD / Maor Schwartz

Vulnerability Summary The following advisory describes a unauthenticated deserialization vulnerability that leads to arbitrary delete files and, under certain circumstances, code execution found in vBulletin version 5. vBulletin, also known as vB, is &… Continue reading SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion→