ZDI-22-1704: D-Link DIR-825/EE xupnpd IVI Plugin Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability.
ZDI-22-1705: D-Link DIR-825/EE xupnpd Vimeo Plugin Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability.
ZDI-22-1706: D-Link DIR-825/EE xupnpd Upload Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability.
IcedID Abuses Google Search for Distribution
FortiGuard Labs is aware of a report that the IcedID threat actor started to abuse Google pay per click (PPC) to distribute malware. Malicious ads...
New Zerobot Variant Exploits Additional Vulnerabilities for Propagation
FortiGuard Labs is aware of a report that a new Zerobot variant is capable of propagating to other devices by exploiting known vulnerabilities. Zerobot was...
GLSA 202212-06: OpenSSH: Multiple Vulnerabilities
GLSA 202212-07: libksba: Remote Code Execution
binwalk-2.3.3-1.fc36
FEDORA-2022-3727f00e4b Packages in this update: binwalk-2.3.3-1.fc36 Update description: Security fix for CVE-2021-4287
binwalk-2.3.3-1.fc37
FEDORA-2022-a36ba48049 Packages in this update: binwalk-2.3.3-1.fc37 Update description: Security fix for CVE-2021-4287
CVE-2018-25046
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.