Posted by malvuln on Apr 27

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/94d1b2510bf96fa6190cd65876bf4c38.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 2172. Third party attackers
who can reach an infected system can send a large payload and trigger a
classic stack buffer overflow…

Read More

Posted by malvuln on Apr 27

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/f15d05f74899324ecb61ee29ad162fad.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Banker.Win32.Banker.heq
Vulnerability: Insecure Permissions
Description: The malware writes a BAT script file with insecure permissions
to c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…

Read More

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Apr 27

SEC Consult Vulnerability Lab Security Advisory < 20220427-0 >
=======================================================================
title: Privilege Escalation
product: Miele Benchmark Programming Tool
vulnerable version: at least 1.1.49 and 1.2.71
fixed version: 1.2.72
CVE number: CVE-2022-22521
impact: Medium
homepage: https://www.miele.com/
found:…

Read More

Posted by Stefan Pietsch on Apr 27

# Trovent Security Advisory 2108-02 #
#####################################

User account enumeration in password reset function
###################################################

Overview
########

Advisory ID: TRSA-2108-02
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2108-02
Affected product: Zepp Android mobile application (com.huami.watch.hmwatchmanager)
Tested versions: Zepp 6.1.4-play…

Read More

In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.

Read More

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation. An authenticated attacker could get root access via the suid applications socat, ip udhcpc and ifplugd.

Read More

IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information from another user’s dashboard providing the dashboard ID of that user. IBM X-Force ID: 203030.

Read More

In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.

Read More

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot .

Read More

In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface.

Read More