Showing 1 - 9 of 9

Files from Emanuel Duss

Email address	emanuel.duss at compass-security.com
First Active	2019-01-17
Last Active	2022-03-21

3CX Phone System Cleartext Passwords: Posted Mar 21, 2022; Authored by Emanuel Duss; The 3CX Phone System stores password in the clear as well as makes them exportable in the administration interface.; tags | advisory; advisories | CVE-2021-45491; SHA-256 | 2c1705c4372ab218a33192a0a6965c618979430b30d44e4c74099369db74b516; Download | Favorite | View

3CX Client Missing TLS Validation: Posted Mar 21, 2022; Authored by Emanuel Duss; The 3CX Client for Windows (legacy), Android, and iOS fails to properly validate TLS certificates.; tags | advisory; systems | windows, ios; advisories | CVE-2021-45490; SHA-256 | 074017ebf0abca4d37a8b67b240f167c0bec4bbfda44f67fe65cc2c9c71455a1; Download | Favorite | View

Ionic Identity Vault 5.0.4 PIN Unlock Lockout Bypass: Posted Nov 22, 2021; Authored by Emanuel Duss; Ionic Identity Vault versions 5.0.4 and below suffer from a PIN unlock lockout bypass vulnerability on both Android and iOS.; tags | exploit, bypass; systems | ios; advisories | CVE-2021-44033; SHA-256 | 6d043256140f16431c0ba31a27b2ed7b96bda2ffd3eebc36d63d48a045405df3; Download | Favorite | View

OpenVPN Monitor 1.1.3 Cross Site Request Forgery: Posted Sep 24, 2021; Authored by Sylvain Heiniger, Emanuel Duss; OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.; tags | exploit, arbitrary, csrf; advisories | CVE-2021-31604; SHA-256 | 1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25d; Download | Favorite | View

OpenVPN Monitor 1.1.3 Command Injection: Posted Sep 24, 2021; Authored by Sylvain Heiniger, Emanuel Duss; OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.; tags | exploit, arbitrary; advisories | CVE-2021-31605; SHA-256 | 4aac8e5a6173c4bf869dd5a55f56e9c252331247d5ba381aa933566cb18beba6; Download | Favorite | View

OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service: Posted Sep 24, 2021; Authored by Sylvain Heiniger, Emanuel Duss; OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.; tags | exploit, arbitrary, bypass; advisories | CVE-2021-31606; SHA-256 | 44443d6d17ea4c88ab04491310bc5cbff119d5c6333513c5f92e9d957fcdc127; Download | Favorite | View

Ionic Identity Vault 4.7 Android Biometric Authentication Bypass: Posted Sep 8, 2021; Authored by Emanuel Duss; Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.; tags | exploit, bypass; advisories | CVE-2021-3145; SHA-256 | 0937a4fec4ba4da6536fb54a86bc96cbee6f829e34003327e23d35d71714b309; Download | Favorite | View

Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting: Posted Jul 3, 2020; Authored by Emanuel Duss; Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-19935; SHA-256 | bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171d; Download | Favorite | View

Siemens SICAM A8000 Series Denial Of Service: Posted Jan 17, 2019; Authored by Nicolas Heiniger, Emanuel Duss; Siemens SICAM A8000 Series suffers from an XML injection denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2018-13798; SHA-256 | 354a63d78ac4b5ab320b994b6c1ce672f98e673e216b330282677992fd04dbd8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days