TP-LINK Cloud Cameras including products NC260 and NC450 suffer from a command injection vulnerability. The issue is located in the httpSetEncryptKeyRpm method (handler for /setEncryptKey.fcgi) of the ipcamera binary, where the user-controlled EncryptKey parameter is used directly as part of a command line to be executed as root without any input sanitization.
7c6daeba86b10ee66abb00c8b005635251b71f86700d9246cd9f53c346cb9ee0
TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from having a hardcoded encryption key. The issue is located in the methods swSystemBackup and sym.swSystemRestoreFile, where a hardcoded encryption key is used in order to encrypt/decrypt a config backup file. The algorithm in use is DES ECB with modified s-boxes and permutation tables.
8a9bf019904b9da201926fdb2f4eca44ec5bb26ff30a3e12709465ed196958ca
TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. The issue is located in the swSystemSetProductAliasCheck method of the ipcamera binary (called when setting a new alias for the device via /setsysname.fcgi), where despite a check on the name length, no other checks are in place to prevent shell metacharacters from being introduced. The system name is then used in swBonjourStartHTTP as part of a shell command, where arbitrary commands could be injected and executed as root.
51f53a1e5bba2a9ada63d195865ebededf26762f4a245d45d4e986eb40f62c20
Proof of concept denial of service exploit for the recent OpenSSL signature_algorithms_cert vulnerability.
1d08073755309441e120ada922d200c5276431e79d7c9bdd66bbb529a2013702
xt:Commerce versions 5.4.1, 6.2.1, and 6.2.2 suffer from an improper access control vulnerability. A logged-in customer can create and alter addresses. These addresses are referenced by incrementing IDs. On saving an address, an attacker could change the ID of the address to write the data to. If the ID belongs to an address which does not belong to the current logged-in user, every field in the address is set to null. An attacker could use this to null all addresses in a shop.
f54fc2ef6644a4e641224c9d4bbfedbcbc95e27c9202e6200a1ccd2764b4b697
This archive contains all of the 201 exploits added to Packet Storm in April, 2020.
de2d54c316e5e787807ce732ad25725f5943fb8ff779b4e4998d4f670f9649c6
Firefox suffers from an out-of-bounds access vulnerability in js::ReadableStreamCloseInternal.
99415c833ecfac641a13e725f04e3b4948804b599bc7caa1dce74f5bc600ed6d
Ubuntu Security Notice 4349-1 - A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. A buffer overflow was discovered in BlockIo service. An unauthenticated user could potentially enable escalation of privilege, information disclosure and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. Various other issues were also addressed.
d282093afc124fd962c25e4709dff829e5b67682fda67534d1dd484b4a6760a6
Gentoo Linux Security Advisory 202004-17 - Multiple vulnerabilities have been found in Django, the worst of which could result in privilege escalation. Versions less than 2.2.11 are affected.
4a2831d98946075ac9b91d6bed2f78491188825a08f52e9e12c28e2ed15084a5
Gentoo Linux Security Advisory 202004-16 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.11 are affected.
a6c29ffd3873fdfd7fee07eb84119f4e33133b4087c3065b62c2d4a43a108602
Gentoo Linux Security Advisory 202004-15 - Multiple vulnerabilities have been found in libu2f-host, the worst of which could result in the execution of code. Versions less than 1.1.10 are affected.
4b1c335972214bc2cc77f8f831c29db5e60612680191ae81bf160802d12d1c04
Gentoo Linux Security Advisory 202004-14 - Multiple vulnerabilities have been found in FontForge, the worst of which could result in the arbitrary execution of code. Versions less than 20200314 are affected.
60fe2ece057104a7581ee14454a8f6d034934c170176832aeb6cf74af2e2fab5
Apache OFBiz version 17.12.03 suffers from a cross site request forgery vulnerability.
b47b53ed94c6e5dd25c63cd9fa187cc8e0686fbb7183d46eeea25d8b981183f7
Whitepaper called Bypassing Root Detection Mechanism. Written in Persian.
938f3f9c740155fc8acf2297e9a8fa12af7074aa63d7c8a2289cbb7054b0c59d