Yearly Archives: 2022

Advisories

Net-Worm.Win32.Kibuv.c / Authentication Bypass

Read Time:20 Second

Posted by malvuln on Apr 27

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/4243911d5ca5655d04de8895704fcae6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Net-Worm.Win32.Kibuv.c
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 7955. Third-party adversaries
who can reach infected systems can logon using any username/password
combination.
Family: Kibuv
Type: PE32
MD5:…

Read More

Advisories

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

Read Time:20 Second

Posted by malvuln on Apr 27

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/94d1b2510bf96fa6190cd65876bf4c38.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 2172. Third party attackers
who can reach an infected system can send a large payload and trigger a
classic stack buffer overflow…

Read More

Advisories

Trojan-Banker.Win32.Banker.heq / Insecure Permissions

Read Time:20 Second

Posted by malvuln on Apr 27

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/f15d05f74899324ecb61ee29ad162fad.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Banker.Win32.Banker.heq
Vulnerability: Insecure Permissions
Description: The malware writes a BAT script file with insecure permissions
to c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…

Read More

Advisories

SEC Consult SA-20220427-0 :: Privilege Escalation in Miele Benchmark Programming Tool

Read Time:18 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Apr 27

SEC Consult Vulnerability Lab Security Advisory < 20220427-0 >
=======================================================================
title: Privilege Escalation
product: Miele Benchmark Programming Tool
vulnerable version: at least 1.1.49 and 1.2.71
fixed version: 1.2.72
CVE number: CVE-2022-22521
impact: Medium
homepage: https://www.miele.com/
found:…

Read More

Advisories

Trovent Security Advisory 2108-02 / Zepp: User account enumeration in password reset function

Read Time:18 Second

Posted by Stefan Pietsch on Apr 27

# Trovent Security Advisory 2108-02 #
#####################################

User account enumeration in password reset function
###################################################

Overview
########

Advisory ID: TRSA-2108-02
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2108-02
Affected product: Zepp Android mobile application (com.huami.watch.hmwatchmanager)
Tested versions: Zepp 6.1.4-play…

Read More

Advisories

CVE-2021-34591

Read Time:9 Second

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd.

Read More

Advisories

CVE-2021-34590

Read Time:10 Second

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.

Read More

Advisories

CVE-2021-34589

Read Time:9 Second

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface.

Read More

Advisories

CVE-2021-34588

Read Time:10 Second

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot .

Read More