Read Time:3 Second
British schools were hit far more than those abroad
Daily Archives: April 14, 2023
Five Arrests in Crackdown on $98m Investment Fraud Gang
Volume of Opaque Breach Notices Surges in Q1
ZDI-23-443: Schneider Electric APC Easy UPS Online SocketService Missing Authentication Denial-of-Service Vulnerability
Read Time:9 Second
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability.
ZDI-23-444: Schneider Electric APC Easy UPS Online updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to bypass authentication on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability.
ZDI-23-445: Schneider Electric APC Easy UPS Online getMacAddressByIP Command Injection Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability.
ZDI-23-446: (Pwn2Own) Sonos One Speaker libsmb2 Integer Overflow Information Disclosure Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability.
ZDI-23-447: (Pwn2Own) Sonos One Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability.
ZDI-23-448: (Pwn2Own) Sonos One Speaker msprox Endpoint Out-Of-Bounds Read Information Disclosure Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability.
ZDI-23-449: (Pwn2Own) Sonos One Speaker MPEG-TS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability.