[SYSS-2024-027]: C-MOR Video Surveillance – Improper Privilege Management (CWE-269)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-027 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401, 6.00PL01 Tested Version(s):...
[SYSS-2024-026]: C-MOR Video Surveillance – Unrestricted Upload of File with Dangerous Type (CWE-434)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-026 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401 Tested Version(s): 5.2401...
[SYSS-2024-025]: C-MOR Video Surveillance – Relative Path Traversal (CWE-23)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-025 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401 Tested Version(s): 5.2401...
Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH)
Posted by malvuln on Sep 05 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/6e81618678ddfee69342486f6b5ee780.txt Contact: malvuln13 () gmail com Media:...
HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage
Posted by malvuln on Sep 05 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/2992129c565e025ebcb0bb6f80c77812.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials
Posted by malvuln on Sep 05 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/706ddc06ebbdde43e4e97de4d5af3b19.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution
Posted by malvuln on Sep 05 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/4dc39c05bcc93e600dd8de16f2f7c599.txt Contact: malvuln13 () gmail com Media:...
Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage
Posted by malvuln on Sep 05 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/b0748f1c1a17bad44dc9bd750fc97547.txt Contact: malvuln13 () gmail com Media:...
[SYSS-2024-024]: C-MOR Video Surveillance – Improper Access Control (CWE-284)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-024 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401 Tested Version(s): 5.2401...
[SYSS-2024-023]: C-MOR Video Surveillance – SQL Injection (CWE-89)
Posted by Matthias Deeg via Fulldisclosure on Sep 05 Advisory ID: SYSS-2024-023 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Version(s): 5.2401, 6.00PL01 Tested Version(s):...