[FD] (CVE-2018-13417) Out-of-Band XXE in Vuze Bittorrent Client

2018-08-03 Thread Chris
/response and achieve Remote Command Execution in Windows domains. Exploitation can be demonstrated using evil-ssdp (https://gitlab.com/initstring/evil-ssdp). # Discovered By Chris Moberly @ The Missing Link Security # Vendor Status Multiple attempts to contact Vuze team resulted in no replies

[FD] (CVE-2018-13415) Out-of-Band XXE in Plex Media Server

2018-08-03 Thread Chris
and achieve Remote Command Execution in Windows domains. Exploitation can be demonstrated using evil-ssdp (https://gitlab.com/initstring/evil-ssdp). # Discovered By Chris Moberly @ The Missing Link Security # Vendor Status Disclosed to Plex security team, pending resolution. # Vulnerability

[FD] Out-of-Band XXE in Universal Media Server's SSDP Processing

2018-08-01 Thread Chris
/response and achieve Remote Command Execution in Windows domains. Exploitation can be demonstrated using evil-ssdp (https://gitlab.com/initstring/evil-ssdp). # Discovered By Chris Moberly @ The Missing Link Security # Vendor Status UMS team responded to notification within an hour, patch

[FD] Sitecore Directory Traversal Vulnerability

2018-04-25 Thread Chris
-- [Impact Information Disclosure] true -- [Has vendor confirmed or acknowledged the vulnerability?] true -- [Discoverer] Chris Moberly @ The Missing Link Security

[FD] Reflected XSS in SolarWinds Serv-U FTP Server

2019-02-01 Thread Chris
Issue: Reflected Cross-Site Scripting CVE: CVE-2018-19934 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 (current as of Dec 2018) Fixed

[FD] Privilege Escalation + Remote Code Execution in SolarWinds Serv-U FTP Server

2019-02-01 Thread Chris
CVE: CVE-2018-15906 Attack type: Remote, authenticated Discovered by: Chris Moberly @ The Missing Link Security Operating Systems: Verified on Win10 and Win2016 Vulnerable version: Tested on 15.1.6 (current as of August 2018). Fixed in: Serv-U 15.1.6 Hotfix 2

[FD] Local Privilege Escalation via Serv-U FTP Server

2019-05-29 Thread Chris
Issue: Local Privilege Escalation CVE: CVE-2018-1 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 (current as of Dec 2018) Fixed in: 15.1.7

[FD] Huge DOCSIS issue

2021-10-29 Thread Chris
I have tried about everything to get this looked at and nothing has worked. I am hoping you guys can go look at this and see if this is as bad as it looks. I am trying to be nice and trying to be a professional. It's not working. Every aspect of DOCSIS seems from 1990. The thread I link to we

Re: [FD] Is the era of ezine txt files over?

2014-07-11 Thread Chris Schmidt
I’m just going to leave this here for any future exploit developers. http://patorjk.com/software/taag/ On 7/11/14, 2:43 PM, Daniel Miller bonsaivik...@gmail.com wrote: SkyLined, Sadly, the mailing list wrapped your ascii art sig and ruined the effect. Is that irony, or Alanis Morissette?

Re: [FD] 0-Day: Dahua backdoor Generation 2 and 3

2017-03-06 Thread Chris Holland
{ "id" : 1, "params" : null, "result" : true, "session" : 1175887285 } > > [>] Logging out > [<] 200 OK > > [*] All done... > $ > > [ETX]