| Real Name | Gjoko Krstic |
|---|---|
| Email address | private |
| First Active | 2007-07-26 |
| Last Active | 2023-05-15 |
Verizon's 4G LTE Network Extender is utilizing a weak default admin password generation algorithm. The password is generated using the last 4 values from device's MAC address which is disclosed on the main webUI login page to an unauthenticated attacker. The values are then concatenated with the string LTEFemto resulting in something like LTEFemtoD080 as the default Admin password. Versions GA4.38 through 0.4.038.2131 are affected.
59ce4ad0a80db9115ae14b1ebb563c934a8d4e694bb93586a6f38b338e1ab98dICT Protege GX/WX version 2.08 suffers from a client-side SHA1 password hash disclosure vulnerability.
f203bc1b35e3b9d44818d0680ff7a367ed1eac4fa488fe060a5c8a1fec93d479ICT Protege GX/WX version 2.08 suffers from a persistent cross site scripting vulnerability.
0761967ed7f26d12def00046c1c81a51292379f6aee38f2875fd95654cb59e1aICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability.
692f4de735fbbad8010644968c54cdfe4e595dc3154860210526aa667a9f2e0cH3C SSL VPN suffers from a username enumeration vulnerability during the login sequence.
dfee4cf29211a5243ad88690480fda707d2c3e7a7d71e2ad687f07a80c49882eFetch Softworks Fetch FTP Client version 5.8 suffers from a remote CPU consumption denial of service vulnerability.
39661448198dd708a96b67957a59b551619e612105aace960d22e309d08ca49dOpenBMCS version 2.4 suffers from a secret disclosure vulnerability.
a40e30c16f0d2888ff426295f31b93b41116fcc4eb79213fafc80f0a5c06510bOpenBMCS version 2.4 suffers from remote file inclusion and server-side request forgery vulnerabilities.
505b78cffe8b2f1b771d3702d316ef5c1753e49ac00b67466b0784a71a1ea915OpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.
dfa165d919105379e965f9f7c64bc72209b082357f408421bbd7348be571f7eaOpenBMCS version 2.4 suffers from an authenticated remote SQL injection vulnerability.
3aeb898ad8ef01997d5126cc60a9a27460e4a21f989924b572387e47ffec85ffOpenBMCS version 2.4 suffers from a cross site request forgery vulnerability.
49761c5a766632d48b5e2db091385ef7d796cdc174fb58a9f84c48a390e63d92meterN version 1.2.3 suffers from an authenticated remote command execution vulnerability.
d03478d19f799c6fe12536a7b5353c838ea40fb8825294f625cab67028553daaZucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.
5ee851be27389c34fce6b6b8f31ca356b97517cee36216ebce3cf2a59bf0d6a4i3 International Annexxus Cameras Ax-n version 5.2.0 does not allow creation of more than one administrator account on the system. This also applies for deletion of the administrative account. The logic behind this restriction can be bypassed by parameter manipulation using dangerous verbs like PUT and DELETE and improper server-side validation. Once a normal account with viewer or operator permissions has been added by the default admin user i3admin, a PUT request can be issued calling the UserPermission endpoint with the ID of created account and set it to admin userType, successfully adding a second administrative account.
3e641781592da07922dd7ee30daf5267b6d7f9b85ed06f3a2968275095a40591Cypress Solutions CTM-200 wireless gateway version 2.7.1 suffers from an authenticated semi-blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'ctm-config-upgrade.sh' script leveraging the 'fw_url' POST parameter used in the cmd upgreadefw as argument, called by ctmsys() as pointer to execv() and make_wget_url() function to the wget command in /usr/bin/cmdmain ELF binary.
3c5b924eea85063a32d4abf12a102470e52fe008b637d8c375ec9d27c3e4f296Cypress Solutions CTM-200/CTM-ONE suffers from a hard-coded credential remote root vulnerability via telnet and ssh.
c6e807601e506777669f00a74526a7064066038cba2f8103bedd98cb559088c8FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 suffers from a remote privilege escalation vulnerability.
6ef66ed70e92ad612290d98df48054d67d1c964e07a0683eaed0ee4abc38ad4eFatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 has the hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in the Users menu list of the application.
76986786233f93566ddb9953be6f98bfa450885a5ac241ed16617a8870a9ff2bFatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 is vulnerable to an unauthenticated configuration disclosure when a direct object reference is made to the backup archive file using an HTTP GET request.
c9208e538a5afc70b3635572f890f2667c94de059d48740427d2b3abf186786cFatPipe Networks WARP version 10.2.2 suffers from an authorization bypass vulnerability.
d011bfaa75604c3b3dc63ad611330b11fc8a534120edc38f724e1a4f58929d87The application interface FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
7e2119d2b169c3fb6fb1b259c686bac08187edd3b7de42bea6ab93a108d54445COMMAX CVD-Axx DVR version 5.1.4 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks and used to disclose the RTSP stream.
b803657ac347af637721c0d8d6c1e09ad231eaf41d9ab12e4c4bac45075a5e15COMMAX Smart Home Ruvie CCTV Bridge DVR Service suffers from unauthenticated configuration writing and denial of service vulnerabilities.
8890c32e87149f67b7a1b84524c7b4a4c6a2e5f6674351a154c33921586bfb06COMMAX Smart Home Ruvie CCTV Bridge suffers from a credential disclosure vulnerability.
33e9a5c5cc3d38dfc956ed11d44560f9e260a3b7c50d3efbebab8513a5d0476cCOMMAX UMS Client ActiveX Control version 1.7.0.2 suffers from a heap buffer overflow vulnerability.
e327f8ce34f952bbed55392b1785a9ab4b15bb16ed92be4015504e303d2002c1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed