Advisories
archive

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

SSD Advisory – XenForo RCE via CSRF

Summary A vulnerability in XenForo allows a user to trigger an RCE via incorrect parsing and handling of user provided templates, this combined with another CSRF vulnerability. might allow unauthenticated attackers to execute arbitrary code

SSD Advisory – SonicWall SMA100 Stored XSS to RCE

Summary There are pre-auth stored XSS and post-auth remote command injection vulnerabilities in SonicWall SMA100. These vulnerabilities allow unauthenticated attackers to execute arbitrary command when an authenticated user is exposed to the stored XSS. The

SSD Advisory – TP-Link ViGi onvif_discovery Overflow

Summary A buffer overflow in the onvif_discovery binary located at /bin/onvif_discovery which listens on UDP port 5001. This vulnerability can be leveraged by a network-adjacent attacker to execute arbitrary code on the target as root.

SSD Advisory – NVMS9000 Information Disclosure

Summary The NVMS9000 product by TVT has a critical security flaw that allows remote unauthenticated attackers a wealth of information on the device including, but not limited to, username and passwords, network configuration, etc. This

SSD Advisory – D-Link DIR-X4860 Security Vulnerabilities

Summary Security vulnerabilities in DIR-X4860 allow remote unauthenticated attackers that can access the HNAP port to gain elevated privileges and run commands as root. By combining an authentication bypass with command execution the device can

SSD Advisory – IP.Board ‘nexus’ RCE and Blind SQLi

Summary IP.Board e-commerce plugin ‘nexus’ contains two security vulnerabilities that when combined can be used to trigger a pre-auth RCE in AdminCP. Credit An independent security researcher, Egidio Romano from Karma(In)Security, working with SSD Secure

SSD Advisory – Uniview IPC2322LB Auth Bypass and CLI escape

Summary The Uniview IPC2322LB processes authentication requests allows remote attackers to bypass the authentication process and gain unauthorized access. If this is combined with a CLI escape, the Uniview device’s security can be completely compromised.

SSD Advisory – TP-Link NCXXX Authentication Bypass

Summary A vulnerability exists in TP-Link NCXXX family of devices, the vulnerability allows accessing the device without credentials – this chained with well known and currently unpatched post-auth vulnerabilities allow for the complete compromise of

SSD Advisory – TOTOLINK LR1200GB Auth Bypass

Summary A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface. Additional post-auth vulnerabilities in the product allow for command injection and their

?

Get in touch