LanSweeper 6.0.100.75 has XSS via the description parameter to "/Calendar/CalendarActions.aspx". An attacker can use it to take control of the victim's browser with an XSS shell or to carry out malware attacks on users.
A cross-site scripting (XSS) vulnerability exists in TP-LINK TL-WR740N. An attacker can exploit this vulnerability by entering malicious code in the Description field of the Wireless MAC Filtering tab, which will be executed when the page is loaded.
Firmware versions 2.08UI and lower contain a bug in the function that handles HTTP GET requests for directory paths that can allow an unauthenticated attacker to cause complete denial of service (device reboot). This bug can be triggered from both LAN and WAN.
D-Link DCS-936L devices with firmware 1.02.01 have CSRF. If a victim is logged into the camera's web console and visits a malicious site hosting a <Target_Device_IP.HTML> from another tab in the same browser, the malicious site can send requests to the victim's device. An attacker can add a new user, replace the firmware image with a malicious one, or connect the victim's device to a rogue wireless network. An attacker can easily find out the public IP address of the victim's device on Shodan or similar search engines to create the <Target_Device_IP.HTML> file. The victim must be logged into the camera's web console and visit the attacker's site from another tab in the same browser.
This exploit is a buffer overflow exploit for an older version of a web server. It uses a malicious payload to gain access to the system. The payload is written in Python and contains shellcode that is used to connect to a remote host. The exploit requires the web server to be enabled and has been tested on Windows 10 (x86).
An invalid memory access issue could be triggered remotely in the SFTP component of PSFTPd. This issue could be triggered prior to authentication. The PSFTPd server did not automatically restart, which enabled attackers to perform a very effective DoS attack against this service. By sending the following SSH identification / version string to the server, a NULL pointer dereference could be triggered: $ cat tmp.14 SSH-2.0-BBBBBBBB CCCCCCCCCCCC $ cat tmp.14 | socat - TCP:192.168.122.50:22 The issue appears to be a race condition in the window message handling, performing the cleanup for invalid connections. Upon further investigation X41 D-Sec GmbH could confirm that the accessed memory was already freed.
This exploit is proof-of-concept code for a 0day vulnerability in GoAhead Camera. It allows an attacker to gain root access to the camera by exploiting a vulnerability in the FTP configuration. The exploit uses a connect-back payload to connect to a remote host, a test payload to verify the exploit, and a reset payload to reset the FTP configuration.
Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs.
A cross-site scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.
This exploit targets a privilege escalation vulnerability in IKARUS anti.virus. It was discovered by Parvez Anwar (@parvezghh) in November 2017. The vulnerability is caused by a lack of proper validation of user-supplied input, which can be exploited to gain elevated privileges. The exploit works by calling NtQuerySystemInformation() to get a list of system handles, then using SetKernelObjectSecurity() to set the DACL_SECURITY_INFORMATION of the handle to 0x00000001. This allows the attacker to gain elevated privileges.