Advisories
archive

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

SSD Advisory – NETGEAR D7000 Authentication Bypass

Find out how a vulnerability in NETGEAR D7000 device allows remote unauthenticated users to reveal the ‘admin’ password used to login to the admin web interface of the product. NOTE: The vendor states that multiple other devices are also vulnerable.

SSD Advisory – aaPanel CSWH to RCE

Find out how a CSWH hijacking vulnerability in aaPanel allows remote attackers to cause an authenticated user to execute arbitrary commands inside aaPanel’s managed servers.

SSD Advisory – SmarterMail XSS

Find out how a cross site scripting vulnerability in SmarterMail allows remote attackers to obtain the JWT token used to authenticate the user.

SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE

TL;DR Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication with the device. Vulnerability Summary A vulnerability allows network-adjacent attackers to execute arbitrary code on affected

SSD Advisory – OverlayFS PE

TL;DR Find out how a vulnerability in OverlayFS allows local users under Ubuntu to gain root privileges. Vulnerability Summary An Ubuntu specific issue in the overlayfs file system in the Linux kernel where it did

SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE

TL;DR Find out how a memory corruption vulnerability can lead to a pre-auth remote code execution on QNAP QTS’s Surveillance Station plugin. Vulnerability Summary QNAP NAS with “Surveillance Station Local Display function can perform monitoring

?

Get in touch