KL-001-2020-001 : Cellebrite Hardcoded ADB Authentication Keys
Title: Cellebrite Hardcoded ADB Authentication Keys
Advisory ID: KL-001-2020-001
Publication Date: 2020.04.13
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2020-001.txt
1. Vulnerability Details
KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User
Privilege
Title: Cellebrite Restricted Desktop Escape and Escalation of User Privilege
Advisory ID: KL-001-2020-002
Publication Date: 2020.05.14
Publication URL:
KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material
Title: Cellebrite EPR Decryption Relies on Hardcoded AES Key Material
Advisory ID: KL-001-2020-003
Publication Date: 2020.06.29
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt
1.
KL-001-2020-004 : Barco wePresent Hardcoded API Credentials
Title: Barco wePresent Hardcoded API Credentials
Advisory ID: KL-001-2020-004
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-004.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2020-009 : Barco wePresent Insecure Firmware Image
Title: Barco wePresent Insecure Firmware Image
Advisory ID: KL-001-2020-009
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text
Title: Barco wePresent Admin Credentials Exposed In Plain-text
Advisory ID: KL-001-2020-005
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt
1. Vulnerability
KL-001-2020-006 : Barco wePresent Authentication Bypass
Title: Barco wePresent Authentication Bypass
Advisory ID: KL-001-2020-006
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-006.txt
1. Vulnerability Details
Affected Vendor: Barco
KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web
UI
Title: Barco wePresent Undocumented SSH Interface Accessible Via Web UI
Advisory ID: KL-001-2020-007
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-007.txt
KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password
Title: Barco wePresent Global Hardcoded Root SSH Password
Advisory ID: KL-001-2020-008
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt
1. Vulnerability Details
KL-001-2021-004: CommScope Ruckus IoT Controller Hard-coded Web Application
Administrator Password
Title: CommScope Ruckus IoT Controller Hard-coded Web Application Administrator
Password
Advisory ID: KL-001-2021-004
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-006: CommScope Ruckus IoT Controller Web Application Arbitrary
Read/Write
Title: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write
Advisory ID: KL-001-2021-006
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-003: CommScope Ruckus IoT Controller Hard-coded System Passwords
Title: CommScope Ruckus IoT Controller Hard-coded System Passwords
Advisory ID: KL-001-2021-003
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-003.txt
1.
KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account
Title: CommScope Ruckus IoT Controller Undocumented Account
Advisory ID: KL-001-2021-007
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-007.txt
1. Vulnerability Details
KL-001-2021-001: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
Title: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
Advisory ID: KL-001-2021-001
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-001.txt
1.
KL-001-2021-005: CommScope Ruckus IoT Controller Web Application Directory
Traversal
Title: CommScope Ruckus IoT Controller Web Application Directory Traversal
Advisory ID: KL-001-2021-005
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-002: CommScope Ruckus IoT Controller Hard-coded API Keys Exposed
Title: CommScope Ruckus IoT Controller Hard-coded API Keys Exposed
Advisory ID: KL-001-2021-002
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-002.txt
1.
KL-001-2021-008: CyberArk Credential File Insufficient Effective Key Space
Title: CyberArk Credential File Insufficient Effective Key Space
Advisory ID: KL-001-2021-008
Publication Date: 2021.09.01
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-008.txt
1. Vulnerability
KL-001-2021-009: CyberArk Credential Provider Race Condition And Authorization
Bypass
Title: CyberArk Credential Provider Race Condition And Authorization Bypass
Advisory ID: KL-001-2021-009
Publication Date: 2021.09.01
Publication URL:
KL-001-2021-010:CyberArk Credential Provider Local Cache Can Be Decrypted
Title: CyberArk Credential Provider Local Cache Can Be Decrypted
Advisory ID: KL-001-2021-010
Publication Date: 2021.09.01
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-010.txt
1. Vulnerability
KL-001-2022-001: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability
Title: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability
Advisory ID: KL-001-2022-001
Publication Date: 2022.01.28
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-001.txt
1.
KL-001-2022-002: Moxa TN-5900 Post Authentication Command Injection
Vulnerability
Title: Moxa TN-5900 Post Authentication Command Injection Vulnerability
Advisory ID: KL-001-2022-002
Publication Date: 2022.01.28
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-002.txt
1.
KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Privilege Escalation via tcpdump
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege
Escalation via tcpdump
Advisory ID: KL-001-2023-002
Publication Date: 2023.08.17
Publication URL:
KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Arbitrary File Modification via sudoedit
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File
Modification via sudoedit
Advisory ID: KL-001-2023-003
Publication Date: 2023.08.17
Publication URL:
KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Arbitrary File Read via sudo dig
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File
Read via sudo dig
Advisory ID: KL-001-2023-001
Publication Date: 2023.08.17
Publication URL:
KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass
Vulnerability
Title: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
Advisory ID: KL-001-2024-001
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible
Unauthenticated
Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated
Advisory ID: KL-001-2024-004
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability
Title: Artica Proxy Unauthenticated File Manager Vulnerability
Advisory ID: KL-001-2024-003
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt
1. Vulnerability
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Advisory ID: KL-001-2024-002
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt
1.
28 matches
Mail list logo