ZBL EPON ONU Broadband Router version 1.0 suffers from a privilege escalation vulnerability. The limited administrative user (admin:admin) can elevate his/her privileges by sending a HTTP GET request to the configuration backup endpoint or the password page and disclose the http super user password. Once authenticated as super, an attacker will be granted access to additional and privileged functionalities.
4607935e1f6b2fc71ba56373899167b5Ubuntu Security Notice 4900-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
22c7345367e0c3c848f48020433aace9Trojan-Downloader.Win32.Delf.nzg malware suffers from an insecure permissions vulnerability.
09e6aa20c92b7757559ef3daea189a74Trojan-Downloader.Win32.Delf.ur malware suffers from an insecure permissions vulnerability.
e1da1de5da0338ac90ada65bf44cb4b9Trojan-Downloader.Win32.Delf.oxz malware suffers from an insecure permissions vulnerability.
89e753f5a34059569862bdffb0f2eb02This archive contains all of the 233 exploits added to Packet Storm in March, 2021.
8d0201a158e1c4158421521240355554This Metasploit module exploits a pre-authentication server-side request forgery vulnerability in the F5 iControl REST API's /mgmt/shared/authn/login endpoint to generate an X-F5-Auth-Token that can be used to execute root commands on an affected BIG-IP or BIG-IQ device.
babad085c5ec0276c04a4de6f8676674This Metasploit module leverages an authentication bypass and directory traversal vulnerabilities in Saltstack Salt's REST API to execute commands remotely on the master as the root user. Every 60 seconds, salt-master service performs a maintenance process check that reloads and executes all the grains on the master, including custom grain modules in the Extension Module directory. So, this module simply creates a Python script at this location and waits for it to be executed. The time interval is set to 60 seconds by default but can be changed in the master configuration file with the loop_interval option. Note that, if an administrator executes commands locally on the master, the maintenance process check will also be performed. It has been fixed in the following installation packages: 3002.5, 3001.6 and 3000.8. Also, a patch is available for the following versions: 3002.2, 3001.4, 3000.6, 2019.2.8, 2019.2.5, 2018.3.5, 2017.7.8, 2016.11.10, 2016.11.6, 2016.11.5, 2016.11.3, 2016.3.8, 2016.3.6, 2016.3.4, 2015.8.13 and 2015.8.10. This module has been tested successfully against versions 3001.4, 3002 and 3002.2 on Ubuntu 18.04.
c836d9acbeb076642702599310fe13a4The video gaming industry is a popular target for various threat actors. Players as well as studios and publishers themselves are at risk for both opportunistic and targeted cyber-attacks - tactics range from leveraging fake APKs of popular mobile games, to compromising accounts for resale. Even APT (Advanced Persistent Threat) actors have been known to target the video gaming industry.This report will examine a hacking tool being promoted for use against gamers by masquerading as a cheat for Call of Duty: Warzone. This particular tool is considered a dropper, a piece of malware that is used to install or deliver an additional payload, such as credential stealing malware, on a target system or device. A dropper is a means to an end, rather than the end itself - but still is a critical link in the chain. The dropper examined in this report, "Cod Dropper v0.1", can be customized to install other, more destructive, malware onto the targets' machines.
26427d25345e95e3464980b9dd0c0c78Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.
5b953152490d47bb307a174acaf2f6a8Ubuntu Security Notice 4899-1 - Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code.
dbd6e8e06d2d1fef4a9f91f0e3ace87eScadaBR version 1.0 suffers from multiple remote shell upload vulnerabilities.
8626f1f23af69cc594f9e46083b387d9School Registration and Fee System version 1.0 suffers from persistent cross site scripting vulnerabilities.
798bee95d57d77d1e00e72e66cb8c083School Registration and Fee System version 1.0 suffers from a remote blind SQL injection vulnerability.
e7d2ffd603c7340148e78206e9763d13phpPgAdmin version 7.13.0 suffers from an authenticated command execution vulnerability.
dcc74644d53515bbb5c0d4e51adb82b9Company Crime Tracking Software version 1.0 suffers from a persistent cross site scripting vulnerability.
38b46c6d01aa66cf4ed8d3c2193f1e65Latrix version 0.6.0 suffers from a remote SQL injection vulnerability.
ef1d8d78c6029e5c832c709d5bfe3c96
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed