what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files from Emanuel Duss

Email addressemanuel.duss at compass-security.com
First Active2019-01-17
Last Active2022-03-21
3CX Phone System Cleartext Passwords
Posted Mar 21, 2022
Authored by Emanuel Duss

The 3CX Phone System stores password in the clear as well as makes them exportable in the administration interface.

tags | advisory
advisories | CVE-2021-45491
SHA-256 | 2c1705c4372ab218a33192a0a6965c618979430b30d44e4c74099369db74b516
3CX Client Missing TLS Validation
Posted Mar 21, 2022
Authored by Emanuel Duss

The 3CX Client for Windows (legacy), Android, and iOS fails to properly validate TLS certificates.

tags | advisory
systems | windows, ios
advisories | CVE-2021-45490
SHA-256 | 074017ebf0abca4d37a8b67b240f167c0bec4bbfda44f67fe65cc2c9c71455a1
Ionic Identity Vault 5.0.4 PIN Unlock Lockout Bypass
Posted Nov 22, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 5.0.4 and below suffer from a PIN unlock lockout bypass vulnerability on both Android and iOS.

tags | exploit, bypass
systems | ios
advisories | CVE-2021-44033
SHA-256 | 6d043256140f16431c0ba31a27b2ed7b96bda2ffd3eebc36d63d48a045405df3
OpenVPN Monitor 1.1.3 Cross Site Request Forgery
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.

tags | exploit, arbitrary, csrf
advisories | CVE-2021-31604
SHA-256 | 1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25d
OpenVPN Monitor 1.1.3 Command Injection
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.

tags | exploit, arbitrary
advisories | CVE-2021-31605
SHA-256 | 4aac8e5a6173c4bf869dd5a55f56e9c252331247d5ba381aa933566cb18beba6
OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.

tags | exploit, arbitrary, bypass
advisories | CVE-2021-31606
SHA-256 | 44443d6d17ea4c88ab04491310bc5cbff119d5c6333513c5f92e9d957fcdc127
Ionic Identity Vault 4.7 Android Biometric Authentication Bypass
Posted Sep 8, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.

tags | exploit, bypass
advisories | CVE-2021-3145
SHA-256 | 0937a4fec4ba4da6536fb54a86bc96cbee6f829e34003327e23d35d71714b309
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by Emanuel Duss

Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19935
SHA-256 | bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171d
Siemens SICAM A8000 Series Denial Of Service
Posted Jan 17, 2019
Authored by Nicolas Heiniger, Emanuel Duss

Siemens SICAM A8000 Series suffers from an XML injection denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-13798
SHA-256 | 354a63d78ac4b5ab320b994b6c1ce672f98e673e216b330282677992fd04dbd8
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close