OXAS-ADV-2024-0004: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on Aug 22 Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed...
[SYSS-2024-042] DiCal-RED – Exposure of Sensitive Information to an Unauthorized Actor
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-042 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-041] DiCal-RED – Use of Unmaintained Third Party Components
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-041 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-040] DiCal-RED – Improper Authentication
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-040 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-039] DiCal-RED – Path Traversal
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-039 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-038] DiCal-RED – Use of Password Hash Instead of Password for Authentication
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-038 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-037] DiCal-RED – Use of Password Hash With Insufficient Computational Effort
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-037 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-035] DiCal-RED – Missing Authentication for Critical Function
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-035 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
[SYSS-2024-036] DiCal-RED – Missing Authentication for Critical Function
Posted by Sebastian Hamann via Fulldisclosure on Aug 22 Advisory ID: SYSS-2024-036 Product: DiCal-RED Manufacturer: Swissphone Wireless AG Affected Version(s): Unknown Tested Version(s): 4009 Vulnerability...
Re: Improper Authentication (CWE-287) CVE-2024-33897
Posted by Jeffrey Walton on Aug 22 I believe the problem lies elsewhere. The root cause is an architectural or design problem. Ewon Cosy+ should...