What Counts as “Good Faith Security Research?”
The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that...
SEC Consult SA-20220602-0 :: Multiple Memory Corruption Vulnerabilities in dbus-broker
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03 SEC Consult Vulnerability Lab Security Advisory < 20220602-0 > ======================================================================= title: Multiple Memory...
SEC Consult SA-20220601-1 :: Authenticated Command Injection in Poly Studio
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03 SEC Consult Vulnerability Lab Security Advisory < 20220601-1 > ======================================================================= title: Authenticated Command...
SEC Consult SA-20220601-0 :: Multiple Critical Vulnerabilities in Poly EagleEye Director II
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03 SEC Consult Vulnerability Lab Security Advisory < 20220601-0 > ======================================================================= title: Multiple Critical...
SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03 SEC Consult Vulnerability Lab Security Advisory < 20220531-0 > ======================================================================= title: Backdoor account...
Re: Three vulnerabilities found in MikroTik’s RouterOS
Posted by Q C on Jun 03 [update 2022/05/30] Two CVEs have been assigned to these vulnerabilities. CVE-2021-36613: Mikrotik RouterOs before stable 6.48.2 suffers from...
[CVE-2021-40150] Reolink E1 Zoom Camera <= 3.0.0.716 Unauthenticated Web Server Configuration Disclosure
Posted by Julien Ahrens (RCE Security) on Jun 03 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/...
[CVE-2021-40149] Reolink E1 Zoom Camera <= 3.0.0.716 Unauthenticated Private Key Disclosure
Posted by Julien Ahrens (RCE Security) on Jun 03 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/...
Me on Public-Interest Tech
Back in November 2020, in the middle of the COVID-19 pandemic, I gave a virtual talk at the International Symposium on Technology and Society: “The...
A Vulnerability in Atlassian Confluence Server and Data Center Could Allow for Remote Code Execution
A vulnerability has been discovered in Atlassian Confluence Server and Data Center, which could allow for remote code execution. Confluence is a wiki tool used...