Category Archives: Advisories

ZDI-22-545: (0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Post Title

A vulnerability has been discovered in Sophos Firewall's User Portal and Webadmin that could allow for arbitrary remote code execution. Sophos Firewall is a next-generation firewall product that enables users to manage, detect and respond to threats on the network. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the web application. Depending on the privileges associated with the application, an attacker could view, change, or delete data.

Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/35f0d754f161af35241cb081c73ea6dd.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Avstral.e
Vulnerability: Unauthenticated Remote Command Execution
Family: Avstral
Type: PE32
MD5: 35f0d754f161af35241cb081c73ea6dd
Vuln ID: MVID-2022-0529
Dropped files: mssys.exe
Disclosure: 03/27/2022
Description: The malware…

Backdoor.Win32.Chubo.c / Cross Site Scripting (XSS)

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Chubo.c
Vulnerability: Cross Site Scripting (XSS)
Family: Chubo
Type: Web Panel
MD5: c16b04a9879896ef453a6deb13528087
Vuln ID: MVID-2022-0528
Disclosure: 03/26/2022
Description: The malware listens on TCP port 81 and 8080. There…

Backdoor.Win32.Chubo.c / Unauthenticated Remote Command Execution

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Chubo.c
Vulnerability: Unauthenticated Remote Command Execution
Family: Chubo
Type: PE32
MD5: c16b04a9879896ef453a6deb13528087
Vuln ID: MVID-2022-0527
Disclosure: 03/26/2022
Description: The malware listens on TCP port 81 and 8080….

Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Cafeini.b
Vulnerability: Weak Hardcoded Credentials
Family: Cafeini
Type: PE32
MD5: b24c56abb4bde960c2d51d4e509d2c68
Vuln ID: MVID-2022-0526
Disclosure: 03/25/2022
Description: The malware listens on TCP port 51966. Authentication…

Backdoor.Win32.Cafeini.b / Denial of Service

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Cafeini.b
Vulnerability: Denial of Service
Family: Cafeini
Type: PE32
MD5: b24c56abb4bde960c2d51d4e509d2c68
Vuln ID: MVID-2022-0525
Disclosure: 03/25/2022
Description: The malware listens on TCP port 51966 and is packed by a…

Backdoor.Win32.Cyn.20 / Insecure Permissions

Posted by malvuln on Mar 28

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/3dd1da64e306cae0409e154e15dd1b80.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Cyn.20
Vulnerability: Insecure Permissions
Description: The malware writes a “.EXE” file with insecure permissions to
c drive granting change (C) permissions to the authenticated user group.
Standard users can rename the…
