Summary KerioControl suffers from a tar.gz path traversal within the import configuration functionality inside the admin panel which leads to Remote Code Execution. Credit Simon Janz Affected Devices KerioControl version 9.4.2 patch 1 build7290 Vendor Response The vendor has been notified on February 14, 2023, but has provided no indication whether or not it is …
SSD Advisory – KerioControl Remote Code Execution Read More »
Summary By exploiting file upload functionality users are able to upload .html type of files, containing arbitrary JavaScript code, the file is then saved within server. An attacker would then compose and send an email containing URL to said malicious to the victim. Credit Jokūbas Arsoba Affected Devices Vendor Response The vendor has been notified …
Summary A vulnerability in SonicWall allows remote attackers to crash the target server on affected installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the `httpServer` function. The issue results from the lack of checking the return result of `snprintf` before using it to calculate the maximum length. An attacker …
SSD Advisory – SonicWall Out Of Bounds Write DoS Read More »
Summary A vulnerability in Mozilla Firefox has been found to not show an executable file warning when downloading .atloc and .ftploc files, which can run commands on a user’s computer. Credit Dohyun Lee, working for SSD Labs Korea. CVE CVE-2022-46875 Vendor Response The vendor has released patches available at: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/ Technical Analysis A vulnerability in …
Summary A vulnerability in the UMPD (User-Mode Printer Drivers) allows local users to trigger a use-after-free vulnerability. The vulnerability works from Windows 8 and above, and is fairly easy to exploit on older Windows machines. Credit An independent security researcher working SSD Secure Disclosure. CVE CVE-2022-41050 Vendor Response The vendor has released patches available at: …
A Type confusion vulnerability exists in the Apple Safari JSC Inspector. This issue causes Memory Corruption due to Type confusion. A victim must open an arbitrary generated HTML file to trigger this vulnerability.
A vulnerability in NETGEAR AFPD, Apple Filing Protocol daemon, process allows LAN side attackers to cause the product to overflow a buffer due to a pre-auth vulnerability.
A vulnerability allows remote attackers to elevate privileges on affected installations of Cisco Secure Manager Appliance and Cisco Email Security Appliance. Authentication is required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Secure Manager Appliance and Cisco Email Security Appliance.
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing remote attackers to trigger a remote command execution in the phone.
TL;DR A vulnerability in pfSense allows authenticated users to cause the product to execute arbitrary code – this in turn would allow an attacker to compromise the machine on which the pfSense is installed. Vulnerability Summary Due to the way pfSense, an open-sourced firewall, manages names of rules – an authenticated attacker that is able …
A vulnerability in the way Linux handles the CLOCK_THREAD_CPUTIME_ID allows local attackers to reach a race condition and use this to elevate their privileges to root.
Any questions? Interested in our services?
We’d love to hear from you
