File Disclosure

SSD Advisory – Cambium Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Cambium Network Updater Tool and Networks Services Server. The Network Updater Tool is “a free-of-charge tool that applies packages to upgrade the device types that the release notes for the release that you are using list as supported. Because this tool is available, an …

SSD Advisory – Cambium Multiple Vulnerabilities Read More »

SSD Advisory – ZTE ZXR10 Router Multiple Vulnerabilities

Vulnerabilities summaryThe following advisory describes five (5) vulnerabilities found in ZTE ZXR10 Router.ZXR10 ZSR V2 series router is “the next generation intelligent access router product of ZTE, which integrates routing, switching, wireless, security, and VPN gateway. The product adopts industry-leading hardware platform and software architecture to provide an intelligent and flexible platform for building efficient, …

SSD Advisory – ZTE ZXR10 Router Multiple Vulnerabilities Read More »

SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

Vulnerability Summary The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120 Tianjin Tiandy Digital Technology Co., Ltd ( Tiandy Tech) is “one of top 10 leading CCTV manufacturer in China and a global supplier of advanced video surveillance solutions.” Credit An independent security researcher has reported this vulnerability to Beyond …

SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure Read More »

SSD Advisory – Horde Groupware Unauthorized File Download

Vulnerability Summary The following advisory describes an unauthorized file download vulnerability found in Horde Groupware version 5.2.21. Horde Groupware Webmail Edition is “a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage and share calendars, contacts, tasks, notes, files, and bookmarks with the standards compliant components from …

SSD Advisory – Horde Groupware Unauthorized File Download Read More »

SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in Mako Server’s tutorial page. The vulnerabilities found are: Unauthenticated Arbitrary File Write vulnerability that leads to Remote Command Execution Unauthenticated File Disclosure Unauthenticated Server Side Request Forgery As these tutorial may be used as the basis for production code, it is important for users …

SSD Advisory – Mako Web-server Tutorials Multiple Unauthenticated Vulnerabilities Read More »

SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)

Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in D-Link 850L router. The vulnerabilities have been reported as part of Hack2Win competition, for more information about Hack2Win – Hack2Win – https://blogs.securiteam.com/index.php/archives/3310. The vulnerabilities found in D-Link 850L are: Remote Command Execution via WAN and LAN Remote Unauthenticated Information Disclosure via WAN and LAN …

SSD Advisory – D-Link 850L Multiple Vulnerabilities (Hack2Win Contest) Read More »

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.” The vulnerabilities found in Trend Micro …

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities Read More »

SSD Advisory – Cisco DPC3928 Router Arbitrary File Disclosure

Vulnerability Summary The following advisory describes an arbitrary file disclosure vulnerability found in Cisco DPC3928AD DOCSIS 3.0 2-PORT Voice Gateway. The Cisco DPC3928AD DOCSIS is a home wireless router that is currently "Out of support" but is provided by ISPs world wide. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam …

SSD Advisory – Cisco DPC3928 Router Arbitrary File Disclosure Read More »

SSD Advisory – TerraMaster Operating System (TOS) File Disclosure

Vulnerability Summary The following advisory describes a File Disclosure vulnerability found in TerraMaster Operating System (TOS) version 3. TerraMaster Operating System, TOS is a Linux platform-based operating system developed for TerraMaster cloud storage NAS server. TOS 3 is the third generation operating system newly launched. Credit An independent security researcher has reported this vulnerability to …

SSD Advisory – TerraMaster Operating System (TOS) File Disclosure Read More »

SSD Advisory – Emby Media Server Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Emby Media Server. Affected versions are: 3.1.5, 3.1.2, 3.1.1, 3.1.0 and 3.0.0. Emby Media Server (formerly Media Browser) is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client server model. …

SSD Advisory – Emby Media Server Multiple Vulnerabilities Read More »

SSD Advisory – Over 100K IoT Cameras Vulnerable to Source Disclosure

Vulnerability Summary The following advisory describes an arbitrary file content disclosure vulnerability found in GoAhead web server. The GoAhead web server is present on multiple embedded devices, from IP Cameras to Printers and other embedded devices. The vulnerability allows a remote unauthenticated attacker to disclose the content of the file being accessed. As most embedded …

SSD Advisory – Over 100K IoT Cameras Vulnerable to Source Disclosure Read More »

?

Get in touch