The Elber ESE DVB-S/S2 Satellite Receiver 1.5.x devices suffer from an unauthenticated device configuration and client-side hidden functionality disclosure. An attacker can exploit this vulnerability to manipulate device configuration settings and reveal hidden functionalities without authentication.
The Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device allows an attacker to configure the device without authentication and reveals hidden functionality on the client side. By exploiting this vulnerability, an unauthorized user can manipulate device settings and access undisclosed features.
The Persistent XSS vulnerability allows an attacker to inject malicious code into the Description field, which will be executed when anyone visits the site. The Remote Change Admin Password vulnerability allows an attacker to change the admin password by submitting a form with the desired new password.
Java provides support for dynamic and static versioning when loading applets in the Java plug-in. This means that during the invocation of an applet, a user can request that a particular version of a plug-in be used to run the applet. The feature is accessible through various HTML tags that allow Java applets to be embedded in HTML documents, such as the EMBED, OBJECT, and APPLET tags. This feature presents a security weakness in that it may be abused to cause a previous version of a plug-in that is known to be prone to security vulnerabilities to be loaded in lieu of a more recent, fixed version. For this design flaw to pose a security threat, a vulnerable plug-in must either already be installed on the host computer or the user must manually install a version that is prone to security vulnerabilities. If a targeted version is not installed, the user may be prompted to install it. This weakness could result in a false sense of security, since the user may believe that installing an updated version will eliminate vulnerabilities in previous versions. Note that since this feature is supported in various browsers, the browsers themselves may be prone to the issue. Some browsers may not allow a Java plug-in that is no longer registered with the browser to run.
A local attacker may exploit this vulnerability to create a listening port to provide remote access to a vulnerable computer.
The Gadu-Gadu instant messenger application contains a weakness that allows attackers to obfuscate file extensions. This vulnerability can be exploited by sending potentially malicious executable files to users who believe they are harmless files.
This exploit allows an attacker to change the IP address on all D-Link DCS-900 cameras on the local network without authentication. The cameras use a broadcast/listen method of configuration and listen for a UDP broadcast packet to set their IP address. By sending a modified packet, an attacker can set the IP address of all listening cameras to a desired value.
KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions that grant any user full permission, "Everyone: (F)", to the contents of the directory and its sub-folders. In addition, the program installs a service called "KWSService" which runs as "Localsystem"; this allows any user to escalate privileges to "NT AUTHORITY\SYSTEM" by substituting the service's binary with a malicious one.
The exploit allows bypassing the IP spoofing protection in Crystal Shard http-protection version 0.2.0. By hardcoding values in the X-* headers, an attacker can bypass the middleware's detection of spoofing attacks.
It has been reported that the issue presents itself due to a failure by Internet Explorer to remove JavaScript URIs from the browser history list in some circumstances. A specific JavaScript URI can be embedded in the browser history list and further employed by an attacker to have JavaScript code executed in the context of the Local Machine security zone.