Advisories archive

SSD Advisory – SmarterMail XSS
TL;DR Find out how a cross site scripting vulnerability in SmarterMail allows remote attackers to obtain the JWT token used
SSD Advisory – Ivanti Avalanche Directory Traversal
TL;DR Find out how a directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside
SSD Advisory – VoIPmonitor UnAuth RCE
TL;DR Find out how a vulnerability in VoIPmonitor allows an unauthenticated attacker to execute arbitrary code. Vulnerability Summary VoIPmonitor is
SSD Advisory – TG8 Firewall PreAuth RCE and Password Disclosure
TL;DR Find out how vulnerabilities in TG8 Firewall allows remote unauthenticated users to execute arbitrary code on the remote device
SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE
TL;DR Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication with
SSD Advisory – Hongdian H8922 Multiple Vulnerabilities
TL;DR Find out how multiple vulnerabilities in Hongdian H8922 allow an attacker to run arbitrary commands on the device with
SSD Advisory – OverlayFS PE
TL;DR Find out how a vulnerability in OverlayFS allows local users under Ubuntu to gain root privileges. Vulnerability Summary An
SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE
TL;DR Find out how a memory corruption vulnerability can lead to a pre-auth remote code execution on QNAP QTS's Surveillance
SSD Advisory – DD-WRT UPNP Buffer Overflow
TL;DR Find out how a vulnerability in DD-WRT allows an unauthenticated attacker to overflow an internal buffer used by UPNP
SSD Advisory – VestaCP LPE Vulnerabilities
TL;DR Find out how multiple vulnerabilities in VestaCP allow an authenticated attacker to elevate his access to root privileges. Vulnerability