Preauth

SSD Advisory – TG8 Firewall PreAuth RCE and Password Disclosure

TL;DR Find out how vulnerabilities in TG8 Firewall allows remote unauthenticated users to execute arbitrary code on the remote device as well as disclose the passwords of existing accounts. Vulnerability Summary Two security vulnerabilities in TG8 Firewall have been found allowing a remote user to execute commands as root user without needing to authenticate with …

SSD Advisory – TG8 Firewall PreAuth RCE and Password Disclosure Read More »

SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE

TL;DR Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication with the device. Vulnerability Summary A vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7000 routers. Authentication is not required to exploit this vulnerability. The vulnerability exists within the handling of …

SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE Read More »

SSD Advisory – Netgear Nighthawk R8300 upnpd PreAuth RCE

TL;DR Find out how we exploited an unauthenticated Netgear Nighthawk R8300 vulnerability and gained root access to the device. Vulnerability Summary The Nighthawk X8 AC5000 (R8300) router released in 2014, is a popular device sold by Netgear with almost 2000 positive reviews on Amazon. A vulnerability in the way the R8300 handles UPNP packets allows …

SSD Advisory – Netgear Nighthawk R8300 upnpd PreAuth RCE Read More »

SSD Advisory – MyLittleAdmin PreAuth RCE

TL;DR Find out how we managed to execute arbitrary commands on MyLittleAdmin management tool using unauthenticated RCE vulnerability.  Vulnerability Summary MyLittleAdmin is a web-based management tool specially designed for MS SQL Server. It fully works with MS SQL Server. While the product appears to be discontinued (no new releases since 2013) it is still being …

SSD Advisory – MyLittleAdmin PreAuth RCE Read More »

SSD Advisory – OpenSSH Pre-Auth XMSS Integer Overflow

Vulnerability SummaryThe following advisory describes a Pre-Auth Integer Overflow in the XMSS Key Parsing Algorithm in OpenSSH.CVECVE-2019-16905CreditAn independent Security Researcher, Adam “pi3” Zabrocki, has reported this vulnerability to SSD Secure Disclosure program.Affected SystemsOpenSSH version 7.7 up to the latest one (8.0) supporting XMSS keys (compiled with a defined WITH_XMSS macro).Nevertheless, the bug is only there …

SSD Advisory – OpenSSH Pre-Auth XMSS Integer Overflow Read More »

SSD Advisory – PHP Melody Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in PHP Melody version 2.7.3. PHP Melody is a “self-hosted Video CMS which evolved over the last 9 years. SEO optimization, unbeaten security and speed are advantages you no longer have to compromise on. A truly great CMS should help you save time and make …

SSD Advisory – PHP Melody Multiple Vulnerabilities Read More »

SSD Advisory – Cisco MSE Preauthentication Remote Code Execution

Vulnerabilities Summary Cisco Mobile Services Engine (MSE) is a platform that helps organizations increase visibility into the network, customize location-based mobile services, and strengthen security. The following advisory describes Cisco MSE Pre-Authentication Code Execution (Cisco MSE version 8.0.100.0). Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor …

SSD Advisory – Cisco MSE Preauthentication Remote Code Execution Read More »

?

Get in touch