This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.
cf7ad8dd0a73829d3346e2425a6d3d0e8426e0d758005a97a9748eb069e34e22
CyberArk Credential Providers can be configured to retain passwords, password metadata, and other application properties in a local, encrypted cache file. Under certain conditions, the effective key space used to encrypt the cache is significantly reduced. For an attacker who understands the key derivation scheme and encryption mechanics, full access to the information used to derive the encryption key is sufficient to reduce effective key space to one. Even in cases where the information is not known, the encrypted cache files will likely be unable to withstand a brute force attack. However, the severity of this issue is partially mitigated by the privilege level required (root) for access. Versions prior to 12.1 are affected.
6ba600d5651668bd7a2786e7c90c3b163cf2bc3b791d517d99bf09f429b3691f
Ubuntu Security Notice 5051-4 - USN-5051-2 introduced a regression in OpenSSL that affected only Ubuntu 14.04 ESM. This update fixes the regression. Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
9b42e87779beae1cbad74c32c9184930d6aa117f9f5a4ab50072bf385278195a
CyberArk's Credential Provider loopback communications on TCP port 18923 are encrypted with key material that has extremely low entropy. In all currently-known use cases, the effective key space is less than 2^16. For an attacker who understands the key derivation scheme and encryption mechanics, knowledge of the source port and access to the payloads of a given client-server exchange are sufficient to reduce effective key space to one. In cases where the source port is not known, the encrypted payloads will be unable to withstand a brute force attack. Additionally, the user identification mechanism used by CyberArk's Credential Provider is vulnerable to a race condition where an unauthorized/unprivileged user can submit one or more encrypted query requests. If the race is won, the attacker will be able to retrieve sensitive information including passwords and password metadata. Versions prior to 12.1 are affected.
7dede6bcc7b3021a2a5c5df1eb3c7bc0663ae7d954677866d63352936b9f568a
Compro Technology IP Camera suffers from a screenshot disclosure vulnerability.
8905510f19945e1a1e55291da01e8eac875a4078f7a8539dc65efa785677ce2f
Compro Technology IP Camera suffers from a stream disclosure vulnerability.
02cb87fec2a048f1501531ef209f44be9daf455e9547ba8cf3483c4bf9989dee
Backdoor.Win32.MoonPie.40 malware suffers from an unauthenticated remote command execution vulnerability.
fc9ea8fb5f16d6b1cf50842bb14c8351a44cfb822a6d498b2662eef5e49e364e
Dolibarr ERP/CRM versions 14.0.1 and below suffer from a privilege escalation vulnerability.
0ab1a2b5906577cdab22ccf7d0109094744dc339b81d05909ad21448c8ca34be
Red Hat Security Advisory 2021-3262-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.28.
f37b42defebec364c01fe40a389041ab038a2ebaa9c66663dc7cc5a6686caeaf
Compro Technology IP Camera suffers from multiple credential disclosure vulnerabilities.
30c8fc144226fe97cce4cb377fb9c301051c90d009bffd6f1b3ab58274ac8e16
Compro Technology IP Camera suffers from an unauthenticated RTSP stream disclosure vulnerability.
dc4167cf619ab2d036f1bf82ecffc0493f25e332bd17332a664e6b5700b503af
Backdoor.Win32.MoonPie.40 malware suffers from a man-in-the-middle vulnerability.
29e6af7671e6b8f5ef7da81551d98f570ee4d88454f35895f6fe426e3dcb87a6
Compro Technology IP Camera suffers from a denial of service vulnerability.
42e847c16bcb82767f5c02370a780af49aa061225fc5e8a1fb7896c43a65a2c0
CyberArk Credential Providers and possibly other Vault components use credential files to store usernames and encrypted passwords. Under certain conditions, the effective key space used to encrypt the passwords is significantly reduced. For an attacker who understands the key derivation scheme and encryption mechanics, full access to the information used to derive the encryption key is sufficient to reduce effective key space to one. With partial access, the effective key space can vary depending on the information available, and a number of those variations are unlikely to withstand brute force attacks. Versions prior to 12.1 are affected.
5892fd05072b614b7847d3f43b864bd8335e297210e52ccf34c86d2321cd721f
OpenSIS Community version 8.0 suffers from a remote SQL injection vulnerability.
4008b9ee6c65c207bdf0fea6ef8b54799f24423bc3b17dcfb617a0407ab8e799
Backdoor.Win32.MoonPie.40 malware suffers from bypass and code execution vulnerabilities.
6d674d9758eec19886d4a15969fef6448eca121a0f8b34725b45697b43023d56
WPanel version 4.3.1 authenticated remote code execution exploit.
5d2deefdc4a0f6facd4579cb72cfbe789ff9344d5ef6af65eed440ab687aad73
WordPress Duplicate Page plugin version 4.4.1 suffers from a persistent cross-site scripting vulnerability.
891fef361596e5fe5e32c182787596420e0a98bc1c15fa366b2390ffa770fea0
Whitepaper called Cracking WiFi WPA2 Handshake. Written in Turkish.
c6cc513244a2fff1794b3639ad360894a6c93b9dabc29cbf0e9739ed4e9ff7a9