SSD Advisory – Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution

Credit to Author: SSD / Maor Schwartz | Date: Wed, 27 Sep 2017 11:19:30 +0000

Vulnerability summary: The following advisory describes an Unauthenticated Remote Command Execution vulnerability found in Netgear ReadyNAS Surveillance. Netgear ReadyNAS Surveillance – Small businesses and corporate branch offices require a secure way to protect physical assets, but often lack the security expertise or big budget that most solutions require. With these challenges in mind, NETGEAR introduces …


SSD Advisory – FLIR Systems Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz | Date: Sun, 24 Sep 2017 09:26:54 +0000

Vulnerabilities Summary: The following advisory describes 5 (five) vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series. FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID combines best-in-class thermal image detail and high-performance edge perimeter analytics together in a single device that delivers optimal …


SSD Advisory – Sentora / ZPanel Password Reset Vulnerability

Credit to Author: SSD / Maor Schwartz | Date: Sun, 24 Sep 2017 07:58:32 +0000

Vulnerability Summary: The following advisory describes a password reset vulnerability found in Sentora / ZPanel. Sentora is “a free to download and use web hosting control panel developed for Linux, UNIX and BSD based servers or computers. The Sentora software can turn a domestic or commercial server into a fully fledged, easy to use and manage …


SSD Advisory – NEXXT Authentication Bypass

Credit to Author: SSD / Maor Schwartz | Date: Sun, 17 Sep 2017 09:02:04 +0000

Vulnerability Summary: The following advisory describes an authentication bypass found in NEXXT routers. NEXXT Connectivity Solutions develops “state of the art networking devices that help connect people and things together, at home, the office and virtually everywhere”. Credit: An independent security researcher, Netfairy, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor …


SSD Advisory – Hanbanggaoke IP Camera Arbitrary Password Change

Credit to Author: SSD / Maor Schwartz | Date: Mon, 11 Sep 2017 13:49:23 +0000

Vulnerability summary: The following advisory describes an arbitrary password change vulnerability found in Hanbanggaoke webcams. Beijing Hanbang Technology, “one of the first enterprises entering into digital video surveillance industry, has been focusing on R&D of products and technology of digital video surveillance field. While providing product and technical support, it also provides overall solution for …


SSD Advisory – McAfee LiveSafe MiTM Registry Modification leading to Remote Command Execution

Credit to Author: SSD / Maor Schwartz | Date: Thu, 07 Sep 2017 06:14:58 +0000

Vulnerabilities Summary: The following advisory describes a Remote Code Execution vulnerability found in McAfee LiveSafe (MLS) versions prior to 16.0.3. The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend response. McAfee Security Scan Plus is a free diagnostic tool that ensures you are protected from …


SSD Advisory – WiseGiga NAS Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz | Date: Tue, 05 Sep 2017 11:11:02 +0000

Vulnerabilities summary: The following advisory describes five (5) vulnerabilities and default accounts / passwords found in WiseGiga NAS devices. WiseGiga is a Korean company selling NAS products. The vulnerabilities found in WiseGiga NAS are: Pre-Authentication Local File Inclusion (4 different vulnerabilities); Post-Authentication Local File Inclusion; Remote Command Execution as root; Remote Command Execution as root …


SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities

Credit to Author: SSD / Maor Schwartz | Date: Sun, 03 Sep 2017 06:38:44 +0000

Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities found in Mako Server’s tutorial page. The vulnerabilities found are: Unauthenticated Arbitrary File Write vulnerability that leads to Remote Command Execution; Unauthenticated File Disclosure; Unauthenticated Server Side Request Forgery. As these tutorials may be used as the basis for production code, it is important for users …
