The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.
Category Archives: Advisories
Backdoor.Win32.FTP.Ics / Port Bounce Scan (MITM)
Posted by malvuln on Feb 24
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_C.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Port Bounce Scan (MITM)
Description: The malware listens on TCP port 5554 and accepts any
credentials. Third-party intruders who successfully log on can abuse the
backdoor FTP server as a man-in-the-middle…
Backdoor.Win32.FTP.Ics / Unauthenticated Remote Command Execution
Posted by malvuln on Feb 24
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 5555. Third-party attackers
who can reach the system can run commands made available by the backdoor
hijacking the…
Backdoor.Win32.FTP.Ics / Authentication Bypass
Posted by malvuln on Feb 24
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/584bc06128469423f9e50e8a359d18ac.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.FTP.Ics
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server on TCP port 5554. Third-party
attackers who can reach infected systems can log on using any
username/password combination. Intruders may then…
Backdoor.Win32.Acropolis.10 / Insecure Permissions
Posted by malvuln on Feb 24
Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/c3e2bbe5dca96687422f2b4e8c80f4ce.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Acropolis.10
Vulnerability: Insecure Permissions
Description: The malware writes a PE file with insecure permissions under c
drive granting change (C) permissions to the authenticated user group.
Standard users can rename the…
CVE request for the DLL-Hijacking vulnerability found in ToolBox-V1.010.0000000.0 from Dahua Technologies
Posted by YEUNG, Tsz Ko on Feb 24
Hi all,
I have actually contacted the Dahua PSIRT team and they confirmed a few
days ago that the vulnerability exists, but since this product is not in
that scope for requesting a CVE, I am going to disclose the
details here:
Vulnerable Software and Version:
ToolBox-V1.010.0000000.0 (versions prior to this are probably vulnerable
but just tested against V1.010.0000000.0)
Vulnerable software download link:…