Category Archives: Advisories

CVE-2020-9419

Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.

CVE-2020-9420

The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sniff and intercept traffic to learn the administrative credentials to the router.

Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0) / Insecure Proprietary Password Encryption

Posted by malvuln on Dec 13

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/618f28253d1268132a9f10819a6947f2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Backup media: infosec.exchange/@malvuln

Threat: Trojan-Dropper.Win32.Decay.dxv (CyberGate v1.00.0)
Vulnerability: Insecure Proprietary Password Encryption
Family: CyberGate
Type: PE32
MD5: 618f28253d1268132a9f10819a6947f2
Vuln ID:…

Re: CyberDanube Security Research 20221009-0 | Authenticated Command Injection in Intelbras WiFiber 120AC inMesh

Posted by Thomas Weber on Dec 13

CyberDanube Security Research 20221009-0
——————————————————————————-

               title| Authenticated Command Injection
             product| Intelbras WiFiber 120AC inMesh
  vulnerable version| 1.1-220216
       fixed version| 1-1-220826
          CVE number| CVE-2022-40005
              impact| High
           …

SEC Consult SA-20221213-0 :: Privilege Escalation Vulnerabilities (UNIX Insecure File Handling) in SAP Host Agent (saposcol)

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 13

SEC Consult Vulnerability Lab Security Advisory < 20221213-0 >
=======================================================================
title: Privilege Escalation Vulnerabilities (UNIX Insecure File
Handling)
product: SAP® Host Agent (saposcol)
vulnerable version: see section “Vulnerable / tested versions”
fixed version: see SAP security note 3159736
CVE…

Vulnerabilities Disclosure – Shoplazza Stored XSS

Posted by Andrey Stoykov on Dec 13

# Exploit Title: Shoplazza 1.1 – Stored Cross Site Scripting
# Exploit Author: Andrey Stoykov
# Software Link: https://github.com/Shoplazza/LifeStyle
# Version: 1.1
# Tested on: Ubuntu 20.04

Stored XSS #1:

To reproduce do the following:

1. Login as normal user account
2. Browse “Blog Posts” -> “Manage Blogs” -> “Add Blog Post”
3. Select “Title” and enter payload…

Multiple Vulnerabilities in VMware vRealize Network Insight (vRNI) Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in VMware vRealize Network Insight (vRNI), the most severe of which could result in arbitrary code execution. VMware vRealize Network Insight (vRNI) is an IT management platform which enables visibility, optimization and management of an organization’s physical, virtual and cloud infrastructure. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Mozilla Firefox, Firefox Extended Support Release (ESR) and Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution.

Mozilla Firefox is a web browser used to access the Internet.
Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.
Mozilla Thunderbird is an email client.

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

IPS Spike Observed in “TP-Link.Tapo.C200.IP.Camera.Command.Injection”

On December 11th, 2022, FortiGuard Labs observed a significant spike in the IPS signature “TP-Link.Tapo.C200.IP.Camera.Command.Injection”. The IPS signature is for CVE-2021-4045 and detects attempts to exploit a Command Injection vulnerability in the TP-Link Tapo C200 IP Camera. Successful exploitation of the vulnerability allows remote attackers to gain control of vulnerable devices.

Why is this Significant?

This is significant due to the detection spike in our IPS signature, which indicates attackers are attempting to exploit TP-Link Tapo C200 IP Camera devices vulnerable to CVE-2021-4045. Also, proof-of-concept (PoC) code for CVE-2021-4045 is readily available. As such, firmware updates need to be applied to the vulnerable devices as soon as possible.

What is CVE-2021-4045?

CVE-2021-4045 is a Command Injection vulnerability in the TP-Link Tapo C200 IP Camera. Successful exploitation of the vulnerability allows remote attackers to gain control of vulnerable devices. CVE-2021-4045 impacts Tapo C200 version 1.15 and below and has a CVSS score of 9.8.

How Widespread is the Attack?

Based on the telemetry collected by FortiGuard Labs over the last 24 hours, 24.55% of the detected exploit attempts came from unidentified countries, followed by Japan (22.48%) and the United States (13.95%).

Top 10 Countries where “TP-Link.Tapo.C200.IP.Camera.Command.Injection” was Detected in the last 24 hours

Country       | Percentage
Unknown       | 24.55%
Japan         | 22.48%
United States | 13.95%
Italy         | 5.43%
Austria       | 3.88%
Switzerland   | 2.84%
Netherlands   | 2.58%
Germany       | 2.33%
Belgium       | 2.07%
Canada        | 2.07%

Has the Vendor Released a Patch for CVE-2021-4045?

Yes, the vendor released firmware with a fix.
