| Real Name | Gjoko Krstic |
|---|---|
| Email address | private |
| First Active | 2007-07-26 |
| Last Active | 2023-05-15 |
COMMAX WebViewer ActiveX Control version 2.1.4.5 suffers from a buffer overflow vulnerability.
66c11a5f5881cde4082cee18bde6149185ba1f5723e3fc7de7923c14cd71f29aCOMMAX Smart Home IoT Control System CDP-1020n suffers from a remote SQL injection vulnerability that allows for authentication bypass.
db1705d6c5028d06bd17e60accdf31d79a7f37e15ad06170ee24d737b75aa84cCOMMAX Biometric Access Control System version 1.0.0 suffers from a authentication bypass vulnerability.
b1364b82f05257f36b96c871e5e8b056caa0124ebc57d9b538f5b9f3df69b2f0COMMAX Biometric Access Control System version 1.0.0 suffers from a cross site scripting vulnerability.
36e9d9cfdaacb2b715c8edce76efb1ba0abdfd8bb278a95611653293be33cb02Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privileges if a logged-in user visits a malicious web site.
99282d0ad093fb7f0b78aa1a3e353d972615b19e9b6715a70f10d0e4ebbfcf3cLongjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
ecde74e6d4e7cbe2d1a44b93eaae60686b9045e1ada24356e1f1263b9c767441IntelliChoice eFORCE Software Suite version 2.5.9 allows for username enumeration.
b4598723e07ce8a6c4f8a1ac2fbd7802bf319eccafe1b549bb7d97c72f235792KevinLAB BEMS version 1.0 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the page GET parameter in index.php is not properly verified before being used to include files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
e7fe1145875f4fee303754d7337102102f889c5f0d146987b8e928e2a6212f22KevinLAB BEMS version 1.0 suffers from an unauthenticated SQL Injection vulnerability. Input passed through input_id POST parameter in /http/index.php is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code to bypass the authentication mechanism.
7a5075697680808e5b44c8cbcf23d84270742048cad9980a168091187abdbea1KevinLAB BEMS version 1.0 has an undocumented backdoor account and the sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.
e4b4cd6f51b8e33aae4b3ac4567d5823ab352a308e656ca6dc37edc4c64a9881Ricon Industrial Cellular Router S9922XL suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the admin (root) user via the ping_server_ip POST parameter. It is also vulnerable to Heartbleed.
6bc26692f58719553d7c44565a9e32b962f1b7a0df1be48e3aa022a96cc9e0b5Epic Games Easy Anti-Cheat version 4.0 suffers from a local privilege escalation vulnerability.
70bfaf6aa2d0a149604e36475222505015277f0a6da0cde0042196586d13bf3cEpic Games Rocket League version 1.95 suffers from a stack-based buffer overflow vulnerability. The issue is caused due to a boundary error in the processing of a UPK format file, which can be exploited to cause a stack buffer overflow when a user crafts the file with a large array of bytes inserted in the vicinity offset after the magic header. Successful exploitation could allow execution of arbitrary code on the affected machine.
9aca17edbee1e4311ae8f1782a958f79fa3979f842eee23c1d85f52f471dfe26Epic Games Rocket League versions 1.95 and below suffer from an insecure permissions vulnerability.
7265a86350f635261f04efa01c468b9a397f529d7db60a2450121e1dfcc758b2The Sipwise application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Versions affected include CE_m39.3.1 and below and NGCP www_admin version 3.6.7.
7af65ecb81ce4b4c1a3d5b2e77c78c1b93a601f5b442985ac77bb97f00dc5731Sipwise software platform suffers from multiple authenticated stored and reflected cross site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Versions affected include CE_m39.3.1 and below and NGCP www_admin version 3.6.7.
3a637df610f4399d796b60fd154117f140f2a37f20b84a0e7e662794af91313aZBL EPON ONU Broadband Router version 1.0 suffers from a privilege escalation vulnerability. The limited administrative user (admin:admin) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint or the password page and disclose the http super user password. Once authenticated as super, an attacker will be granted access to additional and privileged functionalities.
a038fd2df7c57dae5f716438ec33915df6608e83893e656beca767de6a065c08KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers an insufficient session expiration. This occurs when the web application permits an attacker to reuse old session credentials or session IDs for authorization. Insufficient session expiration increases the device's exposure to attacks that can steal or reuse user's session identifiers.
0c41b0e418db6cc3fce61cd5b95edcec7bd24c9c50d23011b09d080bdd1e22afKZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from a privilege escalation vulnerability. The non-privileged default user (user:user123) can elevate his/her privileges by sending a HTTP GET request to the configuration export endpoint and disclose the admin password. Once authenticated as admin, an attacker will be granted access to the additional and privileged pages.
ac657c7a920abc9292d94f15c71e9ea580b9222af282ef5304979b66ed446773KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 is susceptible to an unauthenticated configuration disclosure when direct object reference is made to the export_settings.cgi file using an HTTP GET request. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.
603965054eb95da0577b3266629d2f47e3091bf6d4d5db74af928a5dc068442fKZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 allows unauthenticated attackers to restart the device with an HTTP GET request to /goform/RestartDevice page.
004ac443ef3437a7dc29dd40e264756e3f0c35852ab627528f60fae29ab56c98KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 allows unauthenticated attackers to visit the unprotected /goform/LoadDefaultSettings endpoint and reset the device to its factory default settings. Once the GET request is made, the device will reboot with its default settings allowing the attacker to bypass authentication and take full control of the system.
3156b5880f18090db2cb6967bfda33c291e74fcbb4644825d31a6a7dfc004ac5KZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 has an unprotected web management server that is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit the syslog page and disclose the webserver's log file containing system information running on the device.
958deee99bc7702bdefacdd8e76f855a06c557df09b4f20f289c8fa141562a8eKZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 suffers from an insecure direct object reference vulnerability.
482b29e97ee4ccf4b8dc4e5040476664b4f3b97ca5897f736e1d3996a4ff86dcKZTech/JatonTec/Neotel JT3500V 4G LTE CPE version 2.0.1 has several backdoors and hidden pages that allow for remote code execution, overwriting of the bootrom, and enabling debug mode.
9e5c4d9e5a68baf4b8009ac9f6cdf69d972d6968d94358877a76aad28b0c3a26
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed