High-Tech Bridge Security Research Lab discovered CSRF vulnerability in Cerb platform, which can be exploited to perform Cross-Site Request Forgery attacks against administrators of vulnerable web application to add administrate accounts into the system. The vulnerability exists due to failure of the "/ajax.php" script to properly verify the source of incoming HTTP request.
GPON Home CSRF With Command Execute Vulnerability is a vulnerability that allows an attacker to execute arbitrary commands on a vulnerable device. The vulnerability exists due to insufficient validation of user-supplied input in the web-based management interface. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious code to the vulnerable device. This will allow the attacker to execute arbitrary commands on the vulnerable device.
A buffer overflow vulnerability exists in SphereFTP Server v2.0 when a long string is sent to the FTP server. An attacker can exploit this vulnerability to crash the FTP server.
YESWIKI Path Traversal Exploit allows an attacker to download a file from the vulnerable server. The attacker can send a specially crafted HTTP request containing directory traversal strings (e.g. “../”) to the vulnerable server and download any file from the server.
MantisBT 1.2.19 is vulnerable to an Host header attack that can be exploited by an unauthenticated user to hijack another user account. This exploit use the Host header attack to poison the link in the password reset mail. You need to know the victim username and e-mail. You also need a remote host that you control to catch the verification hash needed for password reset.
This exploit allows an attacker to access arbitrary files on the Thomson Wireless VoIP Cable Modem DWG850-4B with Software Version: ST9C.05.08. The attacker can use the credentials of the router to access the files. The exploit was discovered by 0rwelllabs in October 2013.
Few vulnerabilities found in Edimax BR6228nS/BR6228nC router firmware. Cross Site Scripting vulnerability can be exploited by sending a malicious POST request to the router. HTTP Response Splitting vulnerability can be exploited by sending a malicious POST request to the router. Cross Site Request Forgery vulnerability can be exploited by sending a malicious HTML form to the router.
Vulnerabilities within the srvkp module allows an attacker to inject memory they control into an arbitrary location they define or cause memory corruption. IOCTL request codes 0x96002400 and 0x96002404 have been demonstrated to trigger these vulnerabilities. These vulnerabilities can be used to obtain control of code flow in a privileged process and ultimately be used to escalate the privilege of an attacker.
A stack-based buffer overflow vulnerability exists in Mpxplay Multimedia Commander V2.00a. An attacker can exploit this vulnerability by creating a specially crafted .m3u file containing a large amount of 'A' characters and opening it in the audio player. This will cause a crash of the application.
A buffer overflow vulnerability exists in the FTP server of the Ricoh DC FTP (SR10) v1.1.0.8 software. An attacker can send a specially crafted packet with a length of 81300 bytes or more to the FTP server, which will cause the server to crash. This can be exploited to cause a denial of service condition.
Services By CQR