[FD] CVE-2020-1967: proving sigalg != NULL

2020-05-01 Thread Imre Rad
I created a proof of concept exploit about the recent OpenSSL signature_algorithms_cert DoS flaw (CVE-2020-1967). Credit for the original finding goes to Bernd Edlinger. This is a null pointer dereference while processing a crafted signature_algorithms_cert TLS extension via the SSL_check_chain()

[FD] TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection

2020-05-01 Thread Pietro Oliva
Vulnerability title: TP-LINK Cloud Cameras NCXXX SetEncryptKey Command Injection Author: Pietro Oliva CVE: CVE-2020-12111 Vendor: TP-LINK Product: NC260, NC450 Affected version: NC260 <= 1.5.2 build 200304, NC450 <= 1.5.3 build 200304 Fixed version: NC260 <= 1.5.3 build_200401, NC450 <= 1.5.4

[FD] TP-LINK Cloud Cameras NCXXX Hardcoded Encryption Key

2020-05-01 Thread Pietro Oliva
Vulnerability title: TP-LINK Cloud Cameras NCXXX Hardcoded Encryption Key Author: Pietro Oliva CVE: CVE-2020-12110 Vendor: TP-LINK Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450 Affected version: NC200 <= 2.1.9 build 200225, NC210 <= 1.0.9 build 200304, NC220 <= 1.3.0

[FD] TP-LINK Cloud Cameras NCXXX Bonjour Command Injection

2020-05-01 Thread Pietro Oliva
Vulnerability title: TP-LINK Cloud Cameras NCXXX Bonjour Command Injection Author: Pietro Oliva CVE: CVE-2020-12109 Vendor: TP-LINK Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450 Affected version: NC200 <= 2.1.9 build 200225, NC210 <= 1.0.9 build 200304, NC220 <= 1.3.0

[FD] Multiple 0days in IBM Data Risk Manager

2020-05-01 Thread Pedro Ribeiro
Hi, I recently attempted to disclose some vulns to IBM via CERT/CC. They refused to accept the report, saying they only accept reports from paying customers... haha what a show! The markdown advisory is attached below - sorry, I usually send text ones, but have to move on to the current

[FD] [SYSS-2020-012] Improper Access Control (CWE-284) in xt:Commerce (CVE-2020-12101)

2020-05-01 Thread Fabian Krone
Advisory ID: SYSS-2020-012 Product: xt:Commerce Manufacturer: xt:Commerce GmbH Affected Version(s): 5.4.1, 6.2.1, 6.2.2 Tested Version(s): 5.4.1, 6.2.1 Vulnerability Type: Improper Access Control (CWE-284) Risk Level: Medium Solution Status: Fixed