Threat: Trojan-Downloader.Win32.Small.ahlq
Vulnerability: Insecure Permissions
Description: the malware creates a directory with insecure permissions
under c drive granting change (C) permissions to the authenticated user
group. Standard users can rename…
Threat: Backdoor.Win32.GF.j
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 21554. Third-party adversaries
who can reach infected hosts can run commands made available by the
backdoor.
Threat: Virus.Win32.Qvod.b
Vulnerability: Insecure Permissions
Description: The malware writes a PE file with insecure permissions to c
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the executable dropped…
Threat: Email-Worm.Win32.Sidex
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 5151 and creates a dir named
“vortex” with several PE files. Third-party adversaries who can reach an
infected…
Threat: Net-Worm.Win32.Kibuv.c
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 7955. Third-party adversaries
who can reach infected systems can logon using any username/password
combination.
Family: Kibuv
Type: PE32
MD5:…
Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 2172. Third party attackers
who can reach an infected system can send a large payload and trigger a
classic stack buffer overflow…
Threat: Trojan-Banker.Win32.Banker.heq
Vulnerability: Insecure Permissions
Description: The malware writes a BAT script file with insecure permissions
to c drive granting change (C) permissions to the authenticated user group.
Standard users can rename…
In Bender/ebee Charge Controllers in multiple versions are prone to Cross-site Scripting. An authenticated attacker could write HTML Code into configuration values. These values are not properly escaped when displayed.