ZBL EPON ONU Broadband Router version 1.0 suffers from a privilege escalation vulnerability. The limited administrative user (admin:admin) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint or the password page and disclose the http super user password. Once authenticated as super, an attacker will be granted access to additional and privileged functionalities.
a038fd2df7c57dae5f716438ec33915df6608e83893e656beca767de6a065c08Ubuntu Security Notice 4900-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
cb6ee91f72333e5d014404f45f6c763856b7a783c3b96aa0373ebb30ee699293Trojan-Downloader.Win32.Delf.nzg malware suffers from an insecure permissions vulnerability.
2a8b1b8837037a1c70527617c4be07e6ad4c4720b9616711c1109167cce63f23Trojan-Downloader.Win32.Delf.ur malware suffers from an insecure permissions vulnerability.
b94f7cc39080a42c5236b3848daf72b607d4671603c6de0fb32ecf17d8e11868Trojan-Downloader.Win32.Delf.oxz malware suffers from an insecure permissions vulnerability.
03290d0c4a81b8975335725e2c9c665d120445d8da0d6f67999ef05ba088347cThis archive contains all of the 233 exploits added to Packet Storm in March, 2021.
422b36d3f353e5d326732b3a5dadabe3b17d488389620879030568181638bfdbThis Metasploit module exploits a pre-authentication server-side request forgery vulnerability in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device.
af88cb0e39f85d5705c7b101b5d8123cacf7ab8455f5fc35d14ea16b6fc75d0dThis Metasploit module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the grains on the master, including custom grain modules in the Extension Module directory. So, this module simply creates a Python script at this location and waits for it to be executed. The time interval is set to 60 seconds by default but can be changed in the master configuration file with the loop_interval option. Note that, if an administrator executes commands locally on the master, the maintenance process check will also be performed. It has been fixed in the following installation packages: 3002.5, 3001.6 and 3000.8. Also, a patch is available for the following versions: 3002.2, 3001.4, 3000.6, 2019.2.8, 2019.2.5, 2018.3.5, 2017.7.8, 2016.11.10, 2016.11.6, 2016.11.5, 2016.11.3, 2016.3.8, 2016.3.6, 2016.3.4, 2015.8.13 and 2015.8.10. This module has been tested successfully against versions 3001.4, 3002 and 3002.2 on Ubuntu 18.04.
49c40579de007295532abf11c8ebcc3115636ea6aeaf3fbe9be600207cb7d985The video gaming industry is a popular target for various threat actors. Players as well as studios and publishers themselves are at risk for both opportunistic and targeted cyber-attacks - tactics range from leveraging fake APKs of popular mobile games, to compromising accounts for resale. Even APT (Advanced Persistent Threat) actors have been known to target the video gaming industry.This report will examine a hacking tool being promoted for use against gamers by masquerading as a cheat for Call of Duty: Warzone. This particular tool is considered a dropper, a piece of malware that is used to install or deliver an additional payload, such as credential stealing malware, on a target system or device. A dropper is a means to an end, rather than the end itself - but still is a critical link in the chain. The dropper examined in this report, "Cod Dropper v0.1", can be customized to install other, more destructive, malware onto the targets' machines.
5e38513aae0103e12649461665c14fa46a5772acb881d5395611526d1a436917Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
ef8eb970940d435e07001fccf2ac210f539a9bb09ea1ef146c5f6ff4cc15a402Ubuntu Security Notice 4899-1 - Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code.
7e82d922210b3b643c58222e005715d40bd63acdbbeef0bec232db24d5409484ScadaBR version 1.0 suffers from multiple remote shell upload vulnerabilities.
5a92eb4823ed57475fc7effdb2bab98ce6c8f49ffe4b3e5aedd0a9a183c94428School Registration and Fee System version 1.0 suffers from persistent cross site scripting vulnerabilities.
17f5ecc7aa500229c5b8b52d2e72bcaf0b510a153d57ccb291cc3379c6e2b87cSchool Registration and Fee System version 1.0 suffers from a remote blind SQL injection vulnerability.
f2f6f0574bd7dfe9c35ba7604809a04c3aa2cbdd17f92ab15e490d18c5086b9ephpPgAdmin version 7.13.0 suffers from an authenticated command execution vulnerability.
7e78f9012afe8414513c0b1d8cda135dd917f81860ee7962efb2f5a64e3b0be3Company Crime Tracking Software version 1.0 suffers from a persistent cross site scripting vulnerability.
83d5849a6ad90d404d2dd04020f48bbb611920f793c4da72502f84dc1e483db7Latrix version 0.6.0 suffers from a remote SQL injection vulnerability.
78887bd4cc87052539321b4d6d74e78c9989591442e0a224eabc388c8df1bea1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed