A Russian computer hacker and alleged spam kingpin was arrested in Barcelona, Spain, on Friday reportedly over suspicion of being involved in hacking attacks linked to alleged interference in last year’s United States presidential election process.
36-year-old Pyotr Levashov from St. Petersburg was detained by police in Barcelona after US authorities issued an international arrest warrant for
Vision Critical before 2014-05-30 allows attackers to read arbitrary files via unspecified vectors, as demonstrated by image files and configuration files.
TRENDnet WiFi Baby Cam TV-IP743SIC has a password of admin for the backdoor root account.
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a “resource injection vulnerability.”
AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of /ADMIN/ for the backdoor admin account, a password of merlin for the backdoor mg3500 account, a password of M100-4674448 for the backdoor user account, and a password of M100-4674448 for the backdoor admin account.
Philips In.Sight B120/37 has XSS, related to the Weaved cloud web service, as demonstrated by the name parameter to deviceSettings.php or shareDevice.php.
Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the backdoor admin account.
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for the backdoor user account, and a password of guest for the backdoor guest account.
iBaby M6 allows remote attackers to obtain sensitive information, related to the ibabycloud.com service.