Category Archives: Advisories

BACKDOOR.WIN32.AUTOSPY.10 / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Mar 02

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.AutoSpy.10
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 1008. Third party adversaries
who can reach an infected host can issue various commands made available by…

BACKDOOR.WIN32.ARMAGEDDON.R / Hardcoded Cleartext Credentials

Read Time:19 Second

Posted by malvuln on Mar 02

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/68d135936512e88cc0704b90bb3839e0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Armageddon.r
Vulnerability: Hardcoded Cleartext Credentials
Description: The malware listens on TCP port 5859 and requires
authentication. The password “KOrUPtIzEre” is stored in cleartext within
the PE file at…

Multilaser Router – Access Control Bypass through Cookie Manipulation – CVE-2023-38946

Read Time:16 Second

Posted by Vinícius Moraes on Mar 02

=====[Tempest Security Intelligence – Security Advisory –
CVE-2023-38946]=======

Access Control Bypass in Multilaser router’s Web Management Interface

Author: Vinicius Moraes < vinicius.moraes.w () gmail com >

=====[Table of
Contents]========================================================

1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References

=====[1….

Multilaser Router – Access Control Bypass through URL Manipulation – CVE-2023-38945

Read Time:16 Second

Posted by Vinícius Moraes on Mar 02

=====[Tempest Security Intelligence – Security Advisory –
CVE-2023-38945]=======

Access Control Bypass in Multilaser routers’ Web Management Interface

Author: Vinicius Moraes < vinicius.moraes.w () gmail com >

=====[Table of
Contents]========================================================

1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References

=====[1….

Multilaser Router – Access Control Bypass through Header Manipulation – CVE-2023-38944

Read Time:16 Second

Posted by Vinícius Moraes on Mar 02

=====[Tempest Security Intelligence – Security Advisory –
CVE-2023-38944]=======

Access Control Bypass in Multilaser routers’ Web Management Interface

Author: Vinicius Moraes < vinicius.moraes.w () gmail com >

=====[Table of
Contents]========================================================

1. Overview
2. Detailed description
3. Other contexts & solutions
4. Acknowledgements
5. Timeline
6. References

=====[1….

GLSA 202403-02: Blender: Multiple Vulnerabilities

Read Time:1 Second

Post Content

GLSA 202403-01: Tox: Remote Code Execution

Read Time:1 Second

Post Content

GLSA 202403-03: UltraJSON: Multiple Vulnerabilities

Read Time:1 Second

Post Content

qpdf-11.9.0-1.fc40

Read Time:11 Second

FEDORA-2024-7d55be81bd

Packages in this update:

qpdf-11.9.0-1.fc40

Update description:

2267205 – TRIAGE CVE-2024-24246 qpdf – Heap Buffer Overflow vulnerability in qpdf [fedora-all]

2265854 – qpdf-11.9.0 is available

qpdf-11.6.4-2.fc38

Read Time:9 Second

FEDORA-2024-daa7df59d6

Packages in this update:

qpdf-11.6.4-2.fc38

Update description:

2267205 – CVE-2024-24246 qpdf – Heap Buffer Overflow vulnerability in qpdf [fedora-all]

News, Advisories and much more

Exit mobile version