SecuriTeam Secure Disclosure – Page 13 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Mon, 09 Oct 2017 13:03:25 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in PHP Melody version 2.7.3. PHP Melody is a “self-hosted Video CMS which evolved over the last 9 years. SEO optimization, unbeaten security and speed are advantages you no longer have to compromise on. A truly great CMS should help you save time and make … Continue reading SSD Advisory – PHP Melody Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Vacron NVR Remote Command Execution

October 8, 2017 admin Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Sun, 08 Oct 2017 06:49:20 +0000

Vulnerability Summary The following advisory describes a remote command execution vulnerability. VACRON Specializing in “various types of mobile monitoring, CCTV monitoring system, IP remote image monitoring system monitoring and other related production, and can accept ODM, OEM and other customized orders, the main products: driving recorder, CCTV analog monitoring system, CMS, IP Cam, etc.” Credit … Continue reading SSD Advisory – Vacron NVR Remote Command Execution

Independent Securiteam

SSD Advisory – Angular-CLI Authentication Bypass

October 4, 2017 admin SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Wed, 04 Oct 2017 08:10:14 +0000

Vulnerability summary The following advisory describes an athentication bypass vulnerability found in Angular-CLI version 1.3.2 The Angular CLI makes “it easy to create an application that already works, right out of the box. It already follows our best practices!” Credit An independent security researcher, Paolo Stagno aka VoidSec, has reported this vulnerability to Beyond Security’s … Continue reading SSD Advisory – Angular-CLI Authentication Bypass

Independent Securiteam

SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

October 3, 2017 admin File Disclosure, Information Disclosure, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Tue, 03 Oct 2017 12:18:28 +0000

Vulnerability Summary The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120 Tianjin Tiandy Digital Technology Co., Ltd ( Tiandy Tech) is “one of top 10 leading CCTV manufacturer in China and a global supplier of advanced video surveillance solutions.” Credit An independent security researcher, Netfairy, has reported this vulnerability to … Continue reading SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

Independent Securiteam

SSD Advisory – Horde Groupware Unauthorized File Download

October 3, 2017 admin File Disclosure, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Tue, 03 Oct 2017 12:14:16 +0000

Vulnerability Summary The following advisory describes an unauthorized file download vulnerability found in Horde Groupware version 5.2.21. Horde Groupware Webmail Edition is “a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks, notes, files, and bookmarks with the standards compliant components from … Continue reading SSD Advisory – Horde Groupware Unauthorized File Download

Independent Securiteam

SSD Advisory – Mac OS X 10.12 Quarantine Bypass

September 28, 2017 admin Sandbox escape, SecuriTeam Secure Disclosure

Credit to Author: SSD / Noam Rathaus| Date: Thu, 28 Sep 2017 20:52:32 +0000

Vulnerability summary Mac OS X contains a vulnerability that allows bypassing of the Apple Quarantine and the execution of arbitrary JavaScript code without any restrictions. Credit A security researcher from WeAreSegment, Filippo Cavallarin, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response Apple has been notified on the 27th of June … Continue reading SSD Advisory – Mac OS X 10.12 Quarantine Bypass

Independent Securiteam

SSD Advisory – Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution

September 27, 2017 admin Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Wed, 27 Sep 2017 11:19:30 +0000

Vulnerability summary The following advisory describes an Unauthenticated Remote Command Execution vulnerability found in Netgear ReadyNAS Surveillance. Netgear ReadyNAS Surveillance – Small businesses and corporate branch offices require a secure way to protect physical assets, but often lack the security expertise or big budget that most solutions require. With these challenges in mind, NETGEAR introduces … Continue reading SSD Advisory – Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution

Independent Securiteam

SSD Advisory – FLIR Systems Multiple Vulnerabilities

September 24, 2017 admin Information Disclosure, Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Maor Schwartz| Date: Sun, 24 Sep 2017 09:26:54 +0000

Vulnerabilities Summary The following advisory describes 5 (five) vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series. FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID combines best-in-class thermal image detail and high-performance edge perimeter analytics together in a single device that delivers optimal … Continue reading SSD Advisory – FLIR Systems Multiple Vulnerabilities