ZDI-22-544: (Pwn2Own) Netgear R6700v3 NetUSB Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-22-543: KOYO Screen Creator SCA2 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator. User interaction is required to exploit this vulnerability in...
Post Title
A vulnerability has been discovered in Sophos Firewall’s user portal and Webadmin that could allow for arbitrary remote code execution. Sophos Firewall is a next...
Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/35f0d754f161af35241cb081c73ea6dd.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Chubo.c / Cross Site Scripting (XSS)
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Chubo.c / Unauthenticated Remote Command Execution
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cafeini.b / Denial of Service
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/b24c56abb4bde960c2d51d4e509d2c68.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Cyn.20 / Insecure Permissions
Posted by malvuln on Mar 28 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/3dd1da64e306cae0409e154e15dd1b80.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Re: ImpressCMS: from unauthenticated SQL injection to RCE
Posted by Egidio Romano on Mar 28 Hello again, Just wanted to let you know I updated the blog post with some more details: apparently,...