Read Time:7 Second
Jeremy Mousset discovered two XML parsing vulnerabilities in the Tryton
application platform, which may result in information disclosure or
denial of service.
Category Archives: Advisories
CVE-2021-22783
Read Time:9 Second
A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door (All versions)
Loki RAT (Relapse) / SQL Injection
Read Time:21 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/aabb54951546132e70a8e9f02bf8b5ba_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Loki RAT (Relapse)
Vulnerability: SQL Injection
Description: The LokiRAT WebUI panel for LokiRAT_Relapse.exe runs on PHP
and MySQL and is used to control infected hosts through a central server.
The backend server side code “admin.php”…
Loki RAT (Relapse) / Directory Traversal – Arbitrary File Delete
Read Time:20 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/aabb54951546132e70a8e9f02bf8b5ba.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Loki RAT (Relapse)
Vulnerability: Directory Traversal – Arbitrary File Delete
Description: The LokiRAT WebUI panel for “LokiRAT_Relapse.exe” runs on PHP
and MySQL and is used control infected hosts through a central server.
The admin…
Backdoor.Win32.DirectConnection.103 (1.0 RAT-Tool) / Weak Hardcoded Password
Read Time:19 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/6a6ce3e7f24bf000d9a011a8f1905da8.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.DirectConnection.103 (1.0 RAT-Tool)
Vulnerability: Weak Hardcoded Password
Description: The malware listens on random incrementing high TCP ports
49701,49702 etc. When updating the backdoor the output files password…
Backdoor.Win32.RemoteNC.beta4 / Unauthenticated Remote Command Execution
Read Time:20 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/2862de561d91eedb265df4ae9b0fc872.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.RemoteNC.beta4
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 49941. Third-party attackers
who can reach an infected host can execute any OS commands hijacking taking
over the…
Backdoor.Win32.BluanWeb / Unauthenticated Remote Command Execution
Read Time:18 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/30903ccbc6747c0da5a2775884b78def_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.BluanWeb
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware “BlueAngel For WebServer” by “leonshoh” listens on
TCP port 80. The malware provides an HTML web-interface that exposes…
Backdoor.Win32.BluanWeb / Information Disclosure
Read Time:19 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/30903ccbc6747c0da5a2775884b78def_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.BluanWeb
Vulnerability: Information Disclosure
Description: The malware “BlueAngel For WebServer” by “leonshoh” listens on
TCP port 80. The malware provides an HTML web-interface that exposes the
entire system…
Backdoor.Win32.BluanWeb / Unauthenticated Remote Code Execution
Read Time:18 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/30903ccbc6747c0da5a2775884b78def.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.BluanWeb
Vulnerability: Unauthenticated Remote Code Execution
Description: The malware “BlueAngel For WebServer” by “leonshoh” listens on
TCP port 80. The malware provides an HTML web-interface that exposes the…
Backdoor.Win32.FTP.Nuclear.10 / Hardcoded Credentials
Read Time:20 Second
Posted by malvuln on Mar 09
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/9c23dad9ba11305fecf38bed46b0cec2.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.FTP.Nuclear.10
Vulnerability: Hardcoded Credentials
Description: The malware builds backdoor files and uses UPX packer. When
building server.exe the provided credentials are then stored within the PE
file. Unpacking the malware…