SSD Advisory – Cambium Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Wed, 22 Nov 2017 06:26:27 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Cambium Network Updater Tool and Networks Services Server. The Network Updater Tool is “a free-of-charge tool that applies packages to upgrade the device types that the release notes for the release that you are using list as supported. Because this tool is available, an … Continue reading SSD Advisory – Cambium Multiple Vulnerabilities

Read more

SSD Advisory – ZTE ZXR10 Router Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Mon, 23 Oct 2017 10:35:08 +0000

Vulnerabilities summary The following advisory describes five (5) vulnerabilities found in ZTE ZXR10 Router. ZXR10 ZSR V2 series router is “the next generation intelligent access router product of ZTE, which integrates routing, switching, wireless, security, and VPN gateway. The product adopts industry-leading hardware platform and software architecture to provide an intelligent and flexible platform for … Continue reading SSD Advisory – ZTE ZXR10 Router Multiple Vulnerabilities

Read more

SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Tue, 03 Oct 2017 12:18:28 +0000

Vulnerability Summary The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120 Tianjin Tiandy Digital Technology Co., Ltd ( Tiandy Tech) is “one of top 10 leading CCTV manufacturer in China and a global supplier of advanced video surveillance solutions.” Credit An independent security researcher, Netfairy, has reported this vulnerability to … Continue reading SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

Read more

SSD Advisory – Horde Groupware Unauthorized File Download

Credit to Author: SSD / Maor Schwartz| Date: Tue, 03 Oct 2017 12:14:16 +0000

Vulnerability Summary The following advisory describes an unauthorized file download vulnerability found in Horde Groupware version 5.2.21. Horde Groupware Webmail Edition is “a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks, notes, files, and bookmarks with the standards compliant components from … Continue reading SSD Advisory – Horde Groupware Unauthorized File Download

Read more

SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Sun, 03 Sep 2017 06:38:44 +0000

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in Mako Server’s tutorial page. The vulnerabilities found are: Unauthenticated Arbitrary File Write vulnerability that leads to Remote Command Execution Unauthenticated File Disclosure Unauthenticated Server Side Request Forgery As these tutorial may be used as the basis for production code, it is important for users … Continue reading SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities

Read more

SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)

Credit to Author: SSD / Maor Schwartz| Date: Tue, 08 Aug 2017 08:49:00 +0000

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in D-Link 850L router. The vulnerabilities have been reported as part of Hack2Win competition, for more information about Hack2Win – Hack2Win – https://blogs.securiteam.com/index.php/archives/3310. The vulnerabilities found in D-Link 850L are: Remote Command Execution via WAN and LAN Remote Unauthenticated Information Disclosure via WAN and LAN … Continue reading SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)

Read more

SSD Advisory – Cisco DPC3928AD DOCSIS Wireless Router Information Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Wed, 31 May 2017 07:33:40 +0000

Vulnerability Summary The following advisory describe information disclosure vulnerability in Cisco DPC3928AD DOCSIS wireless router. The Cisco DPC3928AD DOCSIS is a home wireless router that is currently “Out of support” but is provided by ISPs on a large scale in many countries. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam … Continue reading SSD Advisory – Cisco DPC3928AD DOCSIS Wireless Router Information Disclosure

Read more

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.” The vulnerabilities found in Trend Micro … Continue reading SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Read more