Category Archives: Advisories

Ransom.AvosLocker / Code Execution

Read Time:19 Second

Posted by malvuln on May 02

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/40f2238875fcbd2a92cfefc4846a15a8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom.AvosLocker
Vulnerability: Code Execution
Description: The ransomware looks for and executes DLLs in its current
directory. Therefore, we can potentially hijack a vuln DLL execute our
own code, control and terminate the malware…

Read More

Ransom.LockBit / DLL Hijacking

Read Time:20 Second

Posted by malvuln on May 02

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Ransom.LockBit
Vulnerability: DLL Hijacking
Description: LockBit ransomware looks for and executes DLLs in its current
directory. This can potentially allow us to execute our own code, control
and terminate the malware pre-encryption. The exploit…

Read More

Multiple Vulnerabilities in Ruijie RG-EW Series Routers

Read Time:21 Second

Posted by Minh-Khoa Tran on May 02

Advisory: Multiple Vulnerabilities in Ruijie RG-EW Series Routers

=======
Summary
=======

Multiple vulnerabilities was found in Ruijie RG-EW Series Routers from
Ruijie Networks, including 1 pre-authenticated and 5 post-authenticated
Remote Code Execution (RCE).

==============
CVE-2021-43159
==============

## Description

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks
Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 /…

Read More

CVE-2020-23617

Read Time:9 Second

A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element.

Read More