| Real Name | Gjoko Krstic |
|---|---|
| Email address | private |
| First Active | 2007-07-26 |
| Last Active | 2024-11-27 |
Sielco Analog FM Transmitter version 2.12 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.
96ea285153f1385d9929ef190734969d4bc702d1d9aa0eea1a04870c880ae84aGoogle Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS.
0f11dee0a3ee89decd4ede4b99ca33ca5b7ef40ffe08c8c8a668fe309ac5f950Osprey Pump Controller version 1.0.1 unauthenticated remote code execution exploit.
e3aa8cf09a10153c22c1fea563f19e0486760740b752b12095b5ec99f655864fOsprey Pump Controller version 1.0.1 suffers from a cross site request forgery vulnerability.
3ff94000035eb0e3d7750af6a36a24cd3f59ddd0bf32adc49eed8270dae8c139Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system.
f96ac6802073d61b8a8224120fbbc475b78857a672615467fe07f5419f23785aOsprey Pump Controller version 1.0.1 suffers from a cross site scripting vulnerability.
c1bf05288bbed246cc644a8fdb368c0546ebbfbb0723ec8709bda8abbafeddfdOsprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts.
db0ca77f3b6262f047a41f704f1fbcabf469fa7d9140d8fddf64e48fc5dc7ab1Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the userName HTTP POST parameter called by index.php script.
36296eda1780ae0ac70f0164496b08fb374f20a8169546a905c771704b399ab9Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pseudonym HTTP POST parameter called by index.php script.
54e985965675a39585d65ec988986982607117a47b0151caf9326c6cb4e834f8Osprey Pump Controller version 1.0.1 has a hidden administrative account admin that has the hardcoded password Mirage1234 that allows full access to the web management interface configuration. The user admin is not visible in Usernames and Passwords menu list (120) of the application and the password cannot be changed through any normal operation of the device. The backdoor lies in the /home/pi/Mirage/Mirage_ValidateSessionCode.x ELF binary.
20dd59fb8eec86241f48a70c218c680f5b2d35a35df76e3261cbee08ab36c4c7Osprey Pump Controller version 1.0.1 suffers from an unauthenticated file disclosure vulnerability.
65257df0315232e3ca32b7770b12524374ecdcb6a15f818ee9379654da62abe3Osprey Pump Controller version 1.0.1 has an ELF binary called Mirage_CreateSessionCode.x that contains a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass attacks. Further, session hijacking is possible due to MitM attack exploiting clear-text transmission of sensitive data including session token in URL. Session ID predictability and randomness analysis of the variable areas of the Session ID was conducted and discovered a predictable pattern. The low entropy is generated by using four IVs comprised of username, password, ip address and hostname.
c8c912e59b9a37815a739a0d4d3f99c9a8dc498a0057fd0f61996c7efe006205SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.
08bed1643ca8fe7e52102e53c1b987d059eaa3806e683bad069e20c052d613efThis paper goes over common components of broadcast systems, how hackers take advantage of them, and discusses some of the vulnerabilities discovered.
1467a96747d9321ba7a659e074789337bc6efc1d4621b6ec26b5fdf38e1ca678Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected system. This vulnerability may allow an unauthenticated malicious user to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application. Affected versions include HX200 8.3.1.14, HX90 6.11.0.5, HX50L 6.10.0.18, HN9460 8.2.0.48, and HN7000S 6.9.0.37.
01732a937c344613efd7c1ef744f546511c874deecd845ef0ca2d232baf0e177SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated factory reset vulnerability in restorefactory.cgi.
1a0c507a2c0f666f15e332c7934c5598e8049b69d4e09f06340c0fbb87d33517SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated remote code execution vulnerability in upload.cgi.
3c3c6d279fd591ebe7b26f14524ac53bdce85b020d4fd8b0674e18a3fd734b58SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a conditional command injection vulnerability in traceroute.php.
493fb94bb96a88e40abd33e5eccebbff52f80b0de903d6bad482c12681edc5d7SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a username related unauthenticated command injection vulnerability.
2a1af0e2d214afa5a71f6409fc8b889a191a4e4d6f778f1364c588cf61c2226bSOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a password related unauthenticated command injection vulnerability.
87e9bc33ec95ac9d66ff2caa9f5d4d61dc4d76eb1934816979fa04a477330ee1SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from a services related authenticated command injection vulnerability.
eabf1351cb8311b07b8d38944e52c0f4bf4ac3fe1c2b689f78f5b11f2d93e684SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from an unauthenticated file disclosure vulnerability.
7704f2528e64a6579efda9376329311cb012f4d49f395092704e4f19b6d37559SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in ping.php.
ade832b5db9e3a83e1ab939037cf7ceb6613442fdf7944335ad9f3f638d97f84SOUND4 IMPACT/FIRST/PULSE/Eco versions 2.x and below suffer from an unauthenticated radio stream disclosure vulnerability.
a313ea09e9877322d75ec4247416a055ed39d1c82bf035cde8f0bae23fb0995bSOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in dns.php.
29a3f77080209e96ce853753006ab37df305d0ac4c6d034a7504f2376215c2ba
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed