SEC Consult Vulnerability Lab Security Advisory 20140430-0
===
title: SQL injection and persistent XSS
product: Typo3 3rd party extension si_bibtex
vulnerable version: si_bibtex 0.2.3
fixed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20140528-0
===
title: Root Backdoor Unauthenticated access to voice recordings
product: NICE Recording
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20140630-0
===
title: Multiple severe vulnerabilities
product: IBM Algorithmics RICOS
vulnerable version
SEC Consult Vulnerability Lab Security Advisory 20140710-1
===
title: Multiple high risk vulnerabilities in Shopizer webshop
product: Shopizer
vulnerable version: 1.1.5 and below
fixed version
SEC Consult Vulnerability Lab Security Advisory 20140710-2
===
title: Multiple critical vulnerabilites
product: Schrack MICROCONTROL emergency light system
vulnerable version: before 1.7.0 (937
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20140805-0
===
title: Multiple vulnerabilities
product: Readsoft Invoice Processing / Process Director
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20140828-0
===
title: Reflected Cross-Site Scripting
product: F5 BIG-IP
vulnerable version: = 11.5.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20141015-0
===
title: Potential Cross-Site Scripting
product: ADF Faces
vulnerable version: 12.1.2.0
SEC Consult Vulnerability Lab Security Advisory 20141029-0
===
title: Multiple critical vulnerabilities
product: Vizensoft Admin Panel
vulnerable version: 2014
fixed version
SEC Consult Vulnerability Lab Security Advisory 20141029-1
===
title: Persistent cross site scripting
product: Confluence RefinedWiki Original Theme
vulnerable version: 3.x - 4.0.x
fixed version
SEC Consult Vulnerability Lab Security Advisory 20141106-0
===
title: XXE XSS Arbitrary File Write vulnerabilities
product: Symantec Endpoint Protection
vulnerable version: 12.1.4023.4080
fixed
SEC Consult Vulnerability Lab Security Advisory 20141218-0
===
title: Multiple critical vulnerabilities
product: VDG Security SENSE (formerly DIVA)
vulnerable version: 2.3.13
fixed version
SEC Consult Vulnerability Lab Security Advisory 20141218-1
===
title: OS Command Execution
product: GParted - Gnome Partition Editor
vulnerable version: =0.14.1
fixed version: =0.15.0
SEC Consult Vulnerability Lab Security Advisory 20141218-2
===
title: Multiple high risk vulnerabilities
product: NetIQ Access Manager
vulnerable version: 4.0 SP1
fixed version: 4.0 SP1 Hot Fix 3
SEC Consult Vulnerability Lab Security Advisory 20150122-0
===
title: Multiple critical vulnerabilities
products: Symantec Data Center Security: Server Advanced (SDCS:SA)
Symantec
SEC Consult Vulnerability Lab Security Advisory 20150113-1
===
title: Privilege Escalation XSS Missing Authentication
product: Ansible Tower
vulnerable version: =2.0.2
fixed version: =2.0.5
SEC Consult Vulnerability Lab Security Advisory 20150227-0
===
title: Multiple vulnerabilities
product: Loxone Smart Home
vulnerable version: Firmware: 5.49; Android-App: 3.4.1
fixed version: 6.3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20150513-0
===
title: Multiple critical vulnerabilities
product: WSO2 Identity Server
SEC Consult Vulnerability Lab Security Advisory 20150519-0
===
title: Kernel Stack Buffer Overflow
product: KCodes NetUSB
vulnerable version: see Vulnerable / tested versions
fixed version: see
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20150626-0
===
title: Critical vulnerabilities allow surveillance on conferences
product: Polycom
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory 20150728-0
===
title: McAfee Application Control Multiple Vulnerabilities
product: McAfee Application
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SEC Consult Vulnerability Lab Security Advisory < 20151022-0 >
===
title: Multiple critical vulnerabilities
product: Lime Survey
vulnerable version: 2
SEC Consult Vulnerability Lab Security Advisory < 20151105-0 >
===
title: Insecure default configuration
product: various Ubiquiti Networks products
vulnerable version: see Vulnerable / tested ve
SEC Consult Vulnerability Lab Security Advisory < 20160602-0 >
===
title: Multiple critical vulnerabilities
product: Ubee EVW3226 Advanced wireless voice gateway
vulnerable version: Fi
SEC Consult Vulnerability Lab Security Advisory < 20160624-0 >
===
title: XSS and information disclosure vulnerability
product: ASUS DSL-N55U router
vulnerable version: 3.0.0.4.376_2736
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
SEC Consult Vulnerability Lab Security Advisory < 20160210-0 >
===
title: Multiple Vulnerabilities
product: Yeager CMS
vulnerable version:
for more information.
SEC Consult Vulnerability Lab Security Advisory < 20160121-0 >
===
title: Deliberately hidden backdoor account
product: Several AMX (HARMAN Professional) device
SEC Consult Vulnerability Lab Security Advisory < 20160422-0 >
===
title: Insecure data storage
product: my devolo - android application - air.de.devolo.my.devolo
vulnerable version: 1.2.8
SEC Consult Vulnerability Lab Security Advisory < 20160725-0 >
===
title: Multiple vulnerabilities
product: Micro Focus (former Novell) Filr Appliance
vulnerable version: Filr 2 <=2.0.0.421,
SEC Consult Vulnerability Lab Security Advisory < 20170207-0 >
===
title: Path Traversal, Backdoor accounts & KNX group address
password bypass
product: JUNG Smart V
SEC Consult Vulnerability Lab Security Advisory < 20170130-0 >
===
title: XSS & CSRF vulnerabilities
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5
SEC Consult Vulnerability Lab Security Advisory < 20170117-0 >
===
title: Cross Site Scripting (XSS)
product: Recommend Page extension for TYPO3 CMS (pb_recommend_page)
vulnerable version: &
SEC Consult Vulnerability Lab Security Advisory < 20170301-0 >
===
title: XML External Entity Injection (XXE),
Reflected Cross Site Scripting
product: Aruba AirWave
vuln
SEC Consult Vulnerability Lab Security Advisory < 20160825-0 >
===
title: Multiple vulnerabilities
product: Micro Focus GroupWise
vulnerable version: GroupWise 2014 R2
SEC Consult Vulnerability Lab Security Advisory < 20160831-0 >
===
title: Manipulation of pre-boot authentication
product: CryptWare CryptoPro Secure Disk for Bitlocker
vulnerable version: 5.1.
/controlling-kerio-control-when-your.html
Video:
https://www.youtube.com/watch?v=y_OWz25sHMI
SEC Consult Vulnerability Lab Security Advisory < 20160922-0 >
===
title: Potential backdoor access through multiple vulnerabi
We have published an accompanying blog post to this technical advisory with
further information:
http://blog.sec-consult.com/2016/12/backdoor-in-sony-ipela-engine-ip-cameras.html
SEC Consult Vulnerability Lab Security Advisory < 2016120
SEC Consult Vulnerability Lab Security Advisory < 20170322-0 >
===
title: Multiple vulnerabilities
product: Solare Datensysteme GmbH
Solar-Log 250/300/500/800e/1000/1000 PM+/120
SEC Consult Vulnerability Lab Security Advisory < 20170316-0 >
===
title: Authenticated Command Injection
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS
SEC Consult Vulnerability Lab Security Advisory < 20170403-0 >
===
title: Misbehavior of the "fsockopen" function
product: PHP
vulnerable version: 7.1.2
fixed version:
CVE
SEC Consult Vulnerability Lab Security Advisory < 20170407-0 >
===
title: Server Side Request Forgery (SSRF) Vulnerability
product: MyBB
vulnerable version: 1.8.10
fixed version:
SEC Consult Vulnerability Lab Security Advisory < 20170308-0 >
===
title: Multiple vulnerabilities
product: Navetti PricePoint
vulnerable version: 4.6.0.0
fixed version: 4.7.0.0 or
SEC Consult Vulnerability Lab Security Advisory < 20170712-0 >
===
title: Multiple critical vulnerabilities
product: AGFEO Smart Home ES 5xx
AGFEO Smart Home ES 6xx
vuln
SEC Consult Vulnerability Lab Security Advisory < 20170724-0 >
===
title: Cross-Site Scripting (XSS)
product: Ubiquiti Networks EP-R6, ER-X, ER-X-SFP
vulnerable version: Firmware v1.9.1
SEC Consult Vulnerability Lab Security Advisory < 20170724-1 >
===
title: Open Redirect in Login Page
product: Multiple Ubiquiti Networks products, e.g.
TS-16-CARRIER, TS-5-POE
SEC Consult Vulnerability Lab Security Advisory < 20170727-0 >
===
title: Authenticated Command Injection &
Cloud User Weak Crypto & Privilege Escalation
product: Ubi
SEC Consult Vulnerability Lab Security Advisory < 20170727-1 >
===
title: Multiple vulnerabilities
product: KATHREIN - UFSconnect 916, UFSconnect 906
vulnerable version: 2.23 Build 224, 2.22 Bui
descriptions:
http://blog.sec-consult.com/2017/06/german-e-government-details-vulnerabilities.html
SEC Consult Vulnerability Lab Security Advisory < 20170630-0 >
===
title: Multiple critical vulnerabi
SEC Consult Vulnerability Lab Security Advisory < 20170804-0 >
===
title: Server Side Request Forgery Vulnerability
product: phpBB
vulnerable version: 3.2.0
fixed version: 3.2.1
CVE
SEC Consult Vulnerability Lab Security Advisory < 20170804-1 >
===
title: Authenticated Command Injection
product: Ubiquiti Networks UniFi Cloud Key
vulnerable version: Firmware v0.6.1
SEC Consult Vulnerability Lab Security Advisory < 20170822-0 >
===
title: Multiple vulnerabilities
product: Progress Sitefinity
vulnerable version: 9.1
fixed version: 10.1
CVE
A blog post with additional information is available here:
http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.html
We have also released a video showing arbitrary code execution:
https://www.youtube.com/watch?v=1EngNIXSNQw
SEC Consult Vulnerability Lab Security Advisory
SEC Consult Vulnerability Lab Security Advisory < 20170509-0 >
===
title: Multiple vulnerabilities
product: I, Librarian PDF manager
vulnerable version: <=4.6 & 4.7
fixed version: 4.8
SEC Consult Vulnerability Lab Security Advisory < 20170622-0 >
===
title: XML External Entity Injection (XXE),
SQL Injection, Cross Site Scripting,
Local File Disc
SEC Consult Vulnerability Lab Security Advisory < 20170523-0 >
===
title: Arbitrary File Upload & Stored XSS
product: InvoicePlane
vulnerable version: 1.4.10
fixed version: 1.5.2
We have published an accompanying blog post to this technical advisory with
further information:
http://blog.sec-consult.com/2017/06/ghosts-from-past-authentication-bypass.html
SEC Consult Vulnerability Lab Security Advisory < 2017060
SEC Consult Vulnerability Lab Security Advisory < 20170613-0 >
===
title: Access Restriction Bypass
product: Atlassian Confluence
vulnerable version: 4.3.0 - 6.1.1
fixed version: 6.2.1
SEC Consult Vulnerability Lab Security Advisory < 20170914-0 >
===
title: Authenticated Command Injection
product: Ubiquiti Networks UniFi Cloud Key
vulnerable version: Firmware version &
SEC Consult Vulnerability Lab Security Advisory < 20170914-1 >
===
title: Persistent Cross-Site Scripting
product: SilverStripe CMS
vulnerable version: <=3.5.3
fixed versi
SEC Consult Vulnerability Lab Security Advisory < 20171016-0 >
===
title: Multiple vulnerabilities
product: Micro Focus VisiBroker C++
vulnerable version: 8.5 SP2
fixed version: 8.5 S
SEC Consult Vulnerability Lab Security Advisory < 20171017-0 >
===
title: Cross site scripting
product: Webtrekk Pixel tracking
vulnerable version: v3.24 to v3.40, v4.00 to v4.40, v5.00 to
SEC Consult Vulnerability Lab Security Advisory < 20170913-1 >
===
title: Local File Disclosure
product: VLC media player iOS app
vulnerable version: 2.7.8
fixed version: 2.8.1
CVE
SEC Consult Vulnerability Lab Security Advisory < 20170913-0 >
===
title: Multiple Vulnerabilities
product: IBM Infosphere Information Server / Datastage
vulnerable version: 9.1, 11.3, an
SEC Consult Vulnerability Lab Security Advisory < 20170912-0 >
===
title: Email verification bypass
product: SAP E-Recruiting
vulnerable version: 605, 606, 616, 617
fixed version: see SAP se
SEC Consult Vulnerability Lab Security Advisory < 20171018-0 >
===
title: Multiple vulnerabilities
product: Afian AB FileRun
vulnerable version: 2017.03.18
fixed version: 2017
SEC Consult Vulnerability Lab Security Advisory < 20171018-1 >
===
title: Multiple vulnerabilities
product: Linksys E series, see "Vulnerable / tested versions"
vulnerable version:
SEC Consult Vulnerability Lab Security Advisory < 20171130-1 >
===
title: OS Command Injection & Reflected Cross Site Scripting
product: OpenEMR
vulnerable version: 5.0.0
fixed vers
SEC Consult Vulnerability Lab Security Advisory < 20171129-0 >
===
title: FortiGate SSL VPN Portal XSS Vulnerability
product: Fortinet FortiOS
vulnerable version: see: Vulnerable / tested ve
SEC Consult Vulnerability Lab Security Advisory < 20171213-0 >
===
title: VPN credentials disclosure
product: Fortinet FortiClient
vulnerable version: <4.4.2335 on Linux, <5.6.
SEC Consult Vulnerability Lab Security Advisory < 20171114-0 >
===
title: Authentication bypass, cross-site scripting & code
execution
product: Siemens SICAM RTUs SM-2556 C
SEC Consult Vulnerability Lab Security Advisory < 20171116-0 >
===
title: Broken access control & LINQ injection
product: Progress Sitefinity
vulnerable version: 10.0, 10.1
fix
SEC Consult Vulnerability Lab Security Advisory < 20180514-0 >
===
title: Arbitrary File Upload & Cross-site scripting
product: MyBiz MyProcureNet
vulnerable version: 5.0.0
fixed versio
The following CVE numbers have been assigned now:
XSS issue: CVE-2018-11090
Arbitrary File Upload: CVE-2018-11091
On 2018-05-14 13:25, SEC Consult Vulnerability Lab wrote:
> SEC Consult Vulnerability Lab Security Advisory < 2018
SEC Consult Vulnerability Lab Security Advisory < 20180516-0 >
===
title: XXE & XSS vulnerabilities
product: RSA Authentication Manager
vulnerable version: 8.2.1.4.0-build1394922, < 8.3 P
SEC Consult Vulnerability Lab Security Advisory < 20180529-0 >
===
title: Unprotected WiFi access & Unencrypted data transfer
product: Vgate iCar 2 WiFi OBD2 Dongle
vulnerable version: Vgate i
We have published an accompanying blog post to this technical advisory with
further information:
Blog:
https://www.sec-consult.com/en/blog/2018/05/oracle-access-managers-identity-crisis/
Demo video: https://www.youtube.com/watch?v=YK7_1NozAwQ
SEC Consult Vulnerability Lab Security Advisory
SEC Consult Vulnerability Lab Security Advisory < 20180123-0 >
===
title: XXE & Reflected XSS
product: Oracle Financial Services Analytical Applications
vulnerable version: 7.3.5.x, 8.0.x
SEC Consult Vulnerability Lab Security Advisory < 20180131-0 >
===
title: Multiple Vulnerabilities
product: Sprecher Automation SPRECON-E-C, PU-2433
vulnerable version: <8.49 (most vulnerabili
We have published an accompanying blog post to this technical advisory with
further information:
https://www.sec-consult.com/en/blog/2018/02/internet-of-dildos-a-long-way-to-a-vibrant-future-from-iot-to-iod/index.html
SEC Consult Vulnerability Lab Security Advisory < 2018020
SEC Consult Vulnerability Lab Security Advisory < 20180208-0 >
===
title: Multiple Cross-Site Scripting Vulnerabilities
product: Sonatype Nexus Repository Manager OSS/Pro
vulnerable version: &l
SEC Consult Vulnerability Lab Security Advisory < 20180207-0 >
===
title: Multiple buffer overflow vulnerabilities
product: InfoZip UnZip
vulnerable version: UnZip <= 6.00 / UnZip <= 6.1c22
We have published an accompanying blog post to this technical advisory with
further information:
https://www.sec-consult.com/en/blog/2018/02/internet-of-babies-when-baby-monitors-fail-to-be-smart/index.html
SEC Consult Vulnerability Lab Security Advisory < 2018022
SEC Consult Vulnerability Lab Security Advisory < 20180813-0 >
===
title: SQL Injection, XSS & CSRF vulnerabilities
product: Pimcore
vulnerable version: 5.2.3 and below
fixed vers
SEC Consult Vulnerability Lab Security Advisory < 20180906-0 >
===
title: CSV Formula Injection
product: DokuWiki
vulnerable version: 2018-04-22a "Greebo" and older versions
fix
-consult.com/en/blog/advisories/privilege-escalation-via-linux-group-manipulation-in-all-adb-broadband-gateways-routers/
SEC Consult Vulnerability Lab Security Advisory < 20180704-0 >
===
title: Local root jailbre
SEC Consult Vulnerability Lab Security Advisory < 20180711-0 >
===
title: Remote code execution via multiple attack vectors
product: WAGO e!DISPLAY 7300T - WP 4.3 480x272 PIO1
vulnerable version:
SEC Consult Vulnerability Lab Security Advisory < 20180712-0 >
===
title: Remote Code Execution & Local File Disclosure
product: Zeta Producer Desktop CMS
vulnerable version
SEC Consult Vulnerability Lab Security Advisory < 20180312-0 >
===
title: Multiple Critical Vulnerabilities
product: SecurEnvoy SecurMail
vulnerable version: 9.1.501
fixed version: 9
SEC Consult Vulnerability Lab Security Advisory < 20180314-0 >
===
title: Arbitrary Shortcode Execution & Local File Inclusion
product: WOOF - WooCommerce Products Filter (PluginUs.Net)
SEC Consult Vulnerability Lab Security Advisory < 20180423-0 >
===
title: Multiple Stored XSS Vulnerabilities
product: WSO2 Carbon, WSO2 Dashboard Server
vulnerable version: WSO2 Identity Server
SEC Consult Vulnerability Lab Security Advisory < 20180424-0 >
===
title: Reflected Cross-Site Scripting
product: Zyxel ZyWALL: see "Vulnerable / tested version"
vulnerable version: ZLD
SEC Consult Vulnerability Lab Security Advisory < 20180227-0 >
===
title: OS command injection, arbitrary file upload & SQL injection
product: ClipBucket
vulnerable version: <4.0.0 -
SEC Consult Vulnerability Lab Security Advisory < 20180228-0 >
===
title: Insecure Direct Object Reference
product: TestLink Open Source Test Management
vulnerable version: <1.9.17
fixe
SEC Consult also published a blog post regarding the identified security issues
with further background information:
Blog: https://r.sec-consult.com/xmeye
SEC Consult Vulnerability Lab Security Advisory < 2018100
SEC Consult Vulnerability Lab Security Advisory < 20181001-0 >
===
title: Password disclosure vulnerability & XSS
product: PTC ThingWorx
vulnerable version: 6.5-7.4, 8.0.x, 8.1.x, 8.2.x
SEC Consult Vulnerability Lab Security Advisory < 20180926-0 >
===
title: Stored Cross-Site Scripting
product: Progress Kendo UI Editor
vulnerable version: v2018.1.221
fixed version: non
SEC Consult Vulnerability Lab Security Advisory < 20180924-0 >
===
title: Multiple Vulnerabilities
product: Citrix StorageZones Controller
vulnerable version: all versions before 5.4.2
SEC Consult Vulnerability Lab Security Advisory < 20181205-0 >
===
title: Inadequate cryptography implementation
product: Kerio Control VPN protocol
vulnerable version: <=9.2.7
fixed versi
SEC Consult Vulnerability Lab Security Advisory < 20181130-0 >
===
title: Multiple Vulnerabilities
product: Siglent Technologies SDS 1202X-E Digital Oscilloscope
vulnerable version: V5.1.3.13
SEC Consult Vulnerability Lab Security Advisory < 20181116-0 >
===
title: Multiple critical vulnerabilities
product: Miss Marple Enterprise Edition
vulnerable version: <2.0
fixed ver
1 - 100 of 233 matches
Mail list logo
