ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp files and automations can be exported as .xmpa files; both formats are XML-based and vulnerable to XXE injection. If a crafted .xmpp or .xmpa file is sent to a user and opened or imported in ModbusPal 1.6b, the contents of any local files are returned to a remote attacker.
An issue was discovered on the Fastweb FASTgate 0.00.47 device. A cross-site request forgery (CSRF) vulnerability allows remote attackers to hijack the authentication of users for requests that modify the configuration. This vulnerability may lead to Guest Wi-Fi activation, Wi-Fi password changes, etc.
A buffer overflow vulnerability exists in Allok Video Splitter 3.1.1217, which allows an attacker to execute arbitrary code by copying the contents of a specially crafted file into the License Name field and clicking Register. This can be exploited to execute arbitrary code with the privileges of the user running the application.
FxCop is vulnerable to XML injection attacks allowing local file exfiltration and/or NTLM hash theft. Tested in Windows 7 and Windows 10 download SDK; it works in both. If you have the particular SDK in question, it is probably there but needs to be installed, as it was for me.
2345 Security Guard 3.7 is vulnerable to a Denial of Service attack due to not validating input values. The vulnerability can be triggered by sending a specially crafted IOCTL request to the vulnerable driver. This can cause a Blue Screen of Death (BSOD) on the affected system.
This module exploits a code injection vulnerability within an authenticated file upload feature in PlaySMS v1.4. This issue is caused by improper file name handling in the sendfromfile.php file. Authenticated users can upload a file and rename the file with a malicious payload. This module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.
This issue is caused by improper file contents handling in import.php (aka the Phonebook import feature). Authenticated users can upload a CSV file containing a malicious payload via vectors involving the User-Agent HTTP header and PHP code in the User-Agent.
A buffer overflow vulnerability exists in FTPShell Client 6.7, which could allow an attacker to execute arbitrary code on the target system. The vulnerability is due to a lack of proper validation of user-supplied data, which can result in a stack-based buffer overflow. An attacker can exploit this vulnerability by sending a specially crafted FTP request to the vulnerable server. Successful exploitation of this vulnerability could result in arbitrary code execution in the context of the application.
HWiNFO 5.82-3410 is vulnerable to a denial of service attack. An attacker can craft a malicious file containing a large amount of data and send it to the application. When the application attempts to process the file, it will crash and overwrite the EIP register. This can be exploited to execute arbitrary code.
DeviceLock Plug and Play Auditor 'DLPnpAuditor.exe' is vulnerable to a Unicode type of buffer overflow when supplied a specially crafted text file using the 'scan network' from file option. The buffer overflow payload will get converted to Unicode character encoding. Unicode support is used by applications for internationalization purposes, allowing a consistent way to visually represent different character sets on most systems around the world.