Win32.Ransom.BlueSky / Arbitrary Code Execution

Posted by malvuln on Aug 15Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/961fa85207cdc4ef86a076bbff07a409.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Win32.Ransom.BlueSky Vulnerability: Arbitrary Code Execution Description: The BlueSky ransomware...

2d

Zyxel IPC 3605N & 4605N / Remote shell access

Posted by Eric Urban on Aug 15Hello everyone, I have identified that the Zyxel IPC 3605N and 4605N IP based security cameras have multiple flaws. Combining these together leads to the ability for an attacker to remotely install root shell access on the device. A web server installed for UPnP purposes allows the plaintext passwords to ...

2d

Re: typeorm CVE-2022-33171

Posted by Andrii Kostenko via Fulldisclosure on Aug 15I found what I think is a vulnerability in the latest typeorm 0.3.7. TypeORM v0.3 has a new findOneBy method instead of findOneById() and it is the only way to get a record by id Sending undefined as a value in this method removes this parameter from the query. This leads to the data exposure....

2d

CVE-2022-2590: Linux kernel privilege escalation vulnerability

Posted by Turritopsis Dohrnii Teo En Ming on Aug 11Subject: CVE-2022-2590: Linux kernel privilege escalation vulnerability Good day from Singapore, Just sharing this Linux kernel security vulnerability. Article: CVE-2022-2590: Linux kernel privilege escalation vulnerability Link: https://securityonline.info/cve-2022-2590-linux-kernel-privilege-escalation-vulnerability/...

6d

Backdoor.Win32.Guptachar.20 / Insecure Credential Storage

Posted by malvuln on Aug 08Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Guptachar.20 Vulnerability: Insecure Credential Storage Description: The malware...

2w

Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution

Posted by malvuln on Aug 04Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bushtrommel.122 Vulnerability: Unauthenticated Remote Command Execution Description:...

2w

Backdoor.Win32.Bushtrommel.122 / Authentication Bypass

Posted by malvuln on Aug 04Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bushtrommel.122 Vulnerability: Authentication Bypass Description: The malware...

2w

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

Posted by malvuln on Aug 04Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Jokerdoor Vulnerability: Remote Stack Buffer Overflow Description: The malware...

2w

Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution

Posted by malvuln on Aug 01Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Unauthenticated Remote Command Execution Description:...

3w

Backdoor.Win32.Destrukor.20 / Authentication Bypass

Posted by malvuln on Aug 01Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Destrukor.20 Vulnerability: Authentication Bypass Description: The malware listens...

3w