Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/d6b192a4027c7d635499133ca6ce067f.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Jeemp.c
Vulnerability: Cleartext Hardcoded Credentials
Description: The malware listens on three TCP ports which are randomized
e.g. 9719,7562,8687,8948,7376,8396 so forth. There is an ESMTP server
component…
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.AutoSpy.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 1008. Third party adversaries
who can reach an infected host can issue various commands made available by…
Posted by malvuln on Mar 02
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/68d135936512e88cc0704b90bb3839e0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Armageddon.r
Vulnerability: Hardcoded Cleartext Credentials
Description: The malware listens on TCP port 5859 and requires
authentication. The password “KOrUPtIzEre” is stored in cleartext within
the PE file at…
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence – Security Advisory – CVE-2023-38946]=======
Access Control Bypass in Multilaser router’s Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1….
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence – Security Advisory – CVE-2023-38945]=======
Access Control Bypass in Multilaser routers’ Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1….
Posted by Vinícius Moraes on Mar 02
=====[Tempest Security Intelligence – Security Advisory – CVE-2023-38944]=======
Access Control Bypass in Multilaser routers’ Web Management Interface
Author: Vinicius Moraes < vinicius.moraes.w () gmail com >
=====[Table of Contents]========================================================
1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References
=====[1….
FEDORA-2024-7d55be81bd
Packages in this update:
qpdf-11.9.0-1.fc40
Update description:
2267205 – TRIAGE CVE-2024-24246 qpdf – Heap Buffer Overflow vulnerability in qpdf [fedora-all]
2265854 – qpdf-11.9.0 is available