Cross-site scripting (XSS) vulnerability in the Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute, as demonstrated in the POC below.
The vulnerability allows an attacker to inject SQL commands from the search section via the 'contact_type_id' parameter in the admin panel.
This POC will reveal the content of an employee's cookie. By modifying it, one can read/write any PrestaShop cookie. It is a simple padding oracle implementation.
This module takes advantage of miner remote manager APIs to exploit an RCE vulnerability.
A backdoor jailbreak vulnerability was discovered in Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway devices. The vulnerability allows an attacker to gain root access to the device without authentication. The affected devices include IPn4G 1.1.0 build 1098, IPn3Gb 2.2.0 build 2160, IPn4Gb 1.1.6 build 1184-14, IPn4Gb 1.1.0 Rev 2 build 1090-2, IPn4Gb 1.1.0 Rev 2 build 1086, Bullet-3G 1.2.0 Rev A build 1032, VIP4Gb 1.1.6 build 1204, VIP4G 1.1.6 Rev 3.0 build 1184-14, VIP4G-WiFi-N 1.1.6 Rev 2.0.0 build 1196, IPn3Gii / Bullet-3G 1.2.0 build 1076, IPn4Gii / Bullet-LTE 1.2.0 build 1078, BulletPlus 1.3.0 build 1036, and Dragon-LTE 1.1.0 build 1036.
Microhard Systems Inc. IPn4G, IPn3Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, IPn4Gii, BulletPlus, and Dragon-LTE devices have a default password of 'microhard' for the root user. An attacker can use this password to gain access to the device and modify its settings.
A vulnerability in Microhard Systems Inc. IPn4G, IPn3Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, Bullet-LTE, BulletPlus, and Dragon-LTE devices allows an unauthenticated attacker to download the configuration file of the device. This vulnerability is due to improper authentication of the configuration download request. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the affected device. Successful exploitation of this vulnerability could allow an attacker to gain access to the configuration file of the device, which could contain sensitive information.
A vulnerability in Microhard Systems Inc.’s IPn4G, IPn3Gb, IPn4Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, Bullet-LTE, BulletPlus, and Dragon-LTE products could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of certain parameters in the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected device. A successful exploit could allow the attacker to cause a DoS condition on the targeted system.
Microhard Systems Inc. IPn4G, IPn3Gb, Bullet-3G, VIP4Gb, VIP4G, VIP4G-WiFi-N, IPn3Gii, IPn4Gii, BulletPlus, and Dragon-LTE devices are vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can exploit this vulnerability by sending a malicious request to the target device. This can allow an attacker to perform administrative actions on the device, such as changing the device's configuration, or even disabling the device.
Setgid Directory Privilege Escalation is a vulnerability that allows an attacker to gain elevated privileges by exploiting the setgid bit on a directory. This vulnerability can be exploited by creating a file in the directory with the setgid bit set, and then writing to the file without triggering the killpriv logic. This can be done by using the open() system call with the O_CREAT flag, or by using the fallocate() and mmap() system calls.