Category Archives: Advisories

Advisories

[SYSS-2024-027]: C-MOR Video Surveillance – Improper Privilege Management (CWE-269)

Read Time:18 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-027
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: Improper Privilege Management (CWE-269)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: –
Public Disclosure:…

Read More

Advisories

[SYSS-2024-026]: C-MOR Video Surveillance – Unrestricted Upload of File with Dangerous Type (CWE-434)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-026
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Unrestricted Upload of File with Dangerous
Type (CWE-434)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure:…

Read More

Advisories

[SYSS-2024-025]: C-MOR Video Surveillance – Relative Path Traversal (CWE-23)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-025
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Relative Path Traversal (CWE-23)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE…

Read More

Advisories

Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)

Read Time:20 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/6e81618678ddfee69342486f6b5ee780.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Symmi.qua
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on two random high TCP ports, when
connecting (ncat) one port will return a single character like “♣”
ord(a)…

Read More

Advisories

HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage

Read Time:20 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/2992129c565e025ebcb0bb6f80c77812.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: HackTool.Win32.Freezer.br (WinSpy)
Vulnerability: Insecure Credential Storage
Description: The malware listens on TCP ports 443, 80 and provides a
web interface for remote access to victim information like screenshots
etc.The username…

Read More

Advisories

Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials

Read Time:21 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.Optix.02.b
Vulnerability: Weak Hardcoded Credentials
Description: Optix listens on TCP port 5151 and is packed with ASPack
(2.11d). Unpacking is trivial set breakpoints on POPAD, RET, run and
dump using OllyDumpEx. The…

Read More

Advisories

Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution

Read Time:16 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4dc39c05bcc93e600dd8de16f2f7c599.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.JustJoke.21 (BackDoor Pro – v2.0b4)
Vulnerability: Unauthenticated Remote Command Execution
Family: JustJoke
Type: PE32
MD5: 4dc39c05bcc93e600dd8de16f2f7c599
SHA256:…

Read More

Advisories

Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage

Read Time:16 Second

Posted by malvuln on Sep 05

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Backdoor.Win32.PoisonIvy.ymw
Vulnerability: Insecure Credential Storage
Family: PoisonIvy
Type: PE32
MD5: b0748f1c1a17bad44dc9bd750fc97547
SHA256: 060c15f401ce4d38d70e7f60aabe31c81935d2c261e350c0ea34387886d48920
Vuln ID: MVID-2024-0688…

Read More

Advisories

[SYSS-2024-024]: C-MOR Video Surveillance – Improper Access Control (CWE-284)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-024
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401
Tested Version(s): 5.2401
Vulnerability Type: Improper Access Control (CWE-284)
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2024-04-05
Solution Date: 2024-07-31
Public Disclosure: 2024-09-04
CVE…

Read More

Advisories

[SYSS-2024-023]: C-MOR Video Surveillance – SQL Injection (CWE-89)

Read Time:19 Second

Posted by Matthias Deeg via Fulldisclosure on Sep 05

Advisory ID: SYSS-2024-023
Product: C-MOR Video Surveillance
Manufacturer: za-internet GmbH
Affected Version(s): 5.2401, 6.00PL01
Tested Version(s): 5.2401, 6.00PL01
Vulnerability Type: SQL Injection (CWE-89)
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2024-04-05
Solution Date: –
Public Disclosure: 2024-09-04
CVE…

Read More