Axis Cameras suffer from authorization bypass, unrestricted dbus access, command injection, denial of service, and information disclosure vulnerabilities.
5e9747cd700a38abddaca3fd3d40d3df83bf20b08c4efc814e47b25f3307c9bf
This archive contains all of the 189 exploits added to Packet Storm in July, 2016.
e13a439ebcbdc61a9426b21acafbdd760dda29f7fe1a26252403bdeab0c53605
CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and replay attack vulnerabilities.
3737c6b837cb5779da05eb65eeceaa868fb36d30c20fac2a630e28c5168f4313
WebKit suffers from a memory corruption vulnerability in TypedArray.copyWithin.
a1a879392edefe9000a32a0b132faa9914f660c3f5583d951b4ba36dc59d1a5b
Fotoware Fotoweb version 8.0 suffers from a cross site scripting vulnerability.
717d348863562a3aa670199e488c82077b04fa3638d2791f2a6ab5651d0df5fc
WebKit suffers from a memory corruption vulnerability in TypedArray.fill.
dd867b4d358aaa6e14a0d03112c063c2e4ef03e466614c2eb27dcbda6488c1ef
Perixx Computer PERIDUO-710W suffers from insufficient protection of code (firmware) and data (cryptographic key).
38f937f8061cad43b21e684ff35b905293604b2bc0497e65235d623d04f62a1c
Logitech K520 keyboards suffer form cryptographic issues and insufficient protection against replay attacks.
02220b6a6fed68dae857d702f9529ab8a00d04c1577c2ca7f2ea7e090a2225d2
Vicon Network Cameras suffer from an authentication bypass vulnerability.
fc41aa317247b90493da204941efdd185920d76d224fc4726d74f91720157513
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
e629172103ae4ff6e305d3b64279d72809b63af1ee85c6af41c91df3db7d9d96
CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from insufficient protection of code (firmware) and data (cryptographic key).
f1ff00bde501a530edae9d601cb3986ee2e1274ad3e4408f7af68bf525e7d5f6
ZMS CMS version 3.2 suffers from multiple client-side cross site scripting vulnerabilities.
d1689365750d4ba1f5228287f04268ec54eb4b81703581f9546445b0ab459a52
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
ada1acb74888da1ee068093d1bfd8b3f3fa7cbe886c53bffebec80de7451a35e
WordPress Ultimate Product Catalog plugin versions 3.9.8 and below suffer from a remote unauthenticated blind SQL injection vulnerability.
5bacab668e9242da4ccd6ac7578697bc74b3ca2afbaf088e2ffe1dba9f652000
Linux ARM/ARM64 architectures suffer from an arbitrary memory read vulnerability in perf_event_open().
d93d6ea3ad561c8f7d1736c08ffd738028f0f1563210cd2723d3dd9167a9b0bc
Exponent CMS version 2.3.9 suffers from a cross site scripting vulnerability that allows for user account addition.
423cf5f16e0bc3e2b68f98c0ffbfb9ff0056a53477952e4c8a5336cbd334fcf1
Zortam Media Studio version 20.60 suffers from a buffer overflow vulnerability.
60f4ac036146a9137d475523420c506dc7dcbe9ef06f4a36f384d1f5d5bb0db1
Saveya suffers from a malicious script insertion vulnerability.
5551173a26e0ebd8d02b44aefec2da15f69c5fefb72772e0228d85ebfaa58bcc
Zoll Checklist version 1.2.2 suffers from a malicious script insertion vulnerability.
eded9a2d4136f497a7b8aa4fc8fae14d8f6c7b0c761dd5482b1e3db648ac5264
AppArmor has a reference count leak in aa_fs_seq_hash_show that can be used to overflow the reference counter and trigger a kernel use-after-free.
aeb4adc2c9454e00e280467d5afe605088bc235c957b16c9ba2883396aeb3993
Multiple products from AXIS suffer from a remote command execution vulnerability.
5d3626abb1ca74ae36c7f97673ca1ac0fa4274ea3398a978924fd38256827c7b
LastPass version 4.1.20a on Windows suffers from some issues where the add-on works by injecting elements and event handlers into the page. The attached proof of concept will delete a given file.
251e29ebd27cfc49ad197f0294b26341778ad40b289cfd17cf8122679ada2ce7
Centreon Web Interface versions 2.5.3 and below utilize an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.
5c09582d8455d486f9a8b546afc64ba7e1c0033c02c90405893cf9e6a8d35f16
The Iris ID IrisAccess iCAM4000/7000 series suffer from a use of hard-coded credentials. When visiting the device interface with a browser on port 80, the application loads an applet JAR file 'ICAMClient.jar' into user's browser which serves additional admin features. In the JAR file there is an account 'rou' with password 'iris4000' that has read and limited write privileges on the affected node. An attacker can access the device using these credentials starting a simple telnet session on port 23 gaining access to sensitive information and/or FTP access on port 21 (with EVERYTHING allowed) and uploading malicious content.
ad28f751582d4594cec5c55c01bdc1eaae1d58398e82fe87383a507eb30e69ae
The Iris ID IrisAccess ICU 7000-2 device suffers from an unauthenticated remote command execution vulnerability. The vulnerability exist due to several POST parameters in the '/html/SetSmarcardSettings.php' script not being sanitized when using the exec() PHP function while updating the Smart Card Settings on the affected device. Calling the '$CommandForExe' variable which is set to call the '/cgi-bin/setsmartcard' CGI binary with the affected parameters as arguments allows the attacker to execute arbitrary system commands as the root user and bypass the biometric access control in place.
9ac64b5f4368e8e636317ddaac6a7d12f9f73b9c06e7360a07239e379b4f1e3d