Category Archives: Advisories

CVE-2021-27854

Read Time:10 Second

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.

Read More

CVE-2021-27862

Read Time:9 Second

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

Read More

Backdoor.Win32.Augudor.b / Remote File Write Code Execution

Read Time:21 Second

Posted by malvuln on Sep 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/94ccd337cbdd4efbbcc0a6c888abb87d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Augudor.b
Vulnerability: Remote File Write Code Execution
Description: The malware drops an empty file named “zy.exe” and listens on
TCP port 810. Third-party adversaries who can reach the infected host can…

Read More

Backdoor.Win32.Psychward.b / Weak Hardcoded Credentials

Read Time:19 Second

Posted by malvuln on Sep 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/0b8cf90ab9820cb3fcb7f1d1b45e4e57.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Psychward.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware listens on TCP port 8888 and requires
authentication. However, the password “4174” is weak and hardcoded in
cleartext within the PE…

Read More

Backdoor.Win32.Bingle.b / Weak Hardcoded Credentials

Read Time:20 Second

Posted by malvuln on Sep 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/eacaa12336f50f1c395663fba92a4d32.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bingle.b
Vulnerability: Weak Hardcoded Credentials
Description: The malware is packed using ASPack 2.11, listens on TCP port
22 and requires authentication. However, the password “let me in” is weak
and…

Read More