Full Disclosure
Posted by hyp3rlinx on Apr 11
[+] Credits: John Page AKA HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-REMOTE-PRIVATE-KEY-DISCLOSURE.txt
[+] ISR: APPARITIONSEC
Vendor:
============
www.moxa.com
Product:
===========
MXview V2.8
Download:
http://www.moxa.com/product/MXstudio.htm
MXview Industrial Network Management Software.
Auto discovery of network devices and physical connections
Event playback…
Posted by Rewanth Cool on Apr 09
Hi,
I’m sorry, I was not aware of the FD group and I was sending all my work to
the developers group (dev () nmap org). So now, I’m forwarding all my
vulnerability detection and exploitation NSE scripts to this group.
I developed an NSE script for the most recently found vulnerability.
It exploits the Buffer Overflow vulnerability in Microsoft Internet
Information Services (IIS) 6.0 and Microsoft Windows Server 2003.
Its marked…
Posted by Rewanth Cool on Apr 09
NSE Script for CVE 2017-6527 which was released on 9th March, 2017.
Description:
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is
vulnerable to a NULL-terminated directory traversal attack allowing an
unauthenticated attacker to access system files readable by the web server
user (by using the viewAppletFsa.cgi seqID parameter).
There is a PR on #783 <https://github.com/nmap/nmap/pull/783> on the same.
Best regards,…
Posted by Rewanth Cool on Apr 09
ASUSWRT is a wireless router operating system that powers many routers
produced by ASUS.
NSE scripts for CVE-2017-6547 ( XSS ) and CVE-2017-6549 ( Session stealing
) are developed for AsusWRT.
The script comes under “vuln”, “intrusive”, “exploit”, “dos” categories.
Failed attempts lead to dos attack.
There is a PR on #779 <https://github.com/nmap/nmap/pull/779> regarding the
both the latest…
Posted by Rewanth Cool on Apr 09
NSE Script for exploiting Directory traversal vulnerability in the Elegant
Themes Divi theme for WordPress.
It is marked under CVE-2015-1579.
Its patched for WordPress versions > 4.1.4
This script is under “vuln”, “intrusive” and “exploit” categories. So if
someone who scans the website using these modules it will disclose the
vulnerability to the end user.
There is a PR on #778 <…
Posted by Wester 95 on Apr 09
Hi team,
I would like to request one CVE id for this, thank you!
Details
======
Software: s9y Serendipity
Version: 2.1-rc1
Homepage: https://docs.s9y.org/
=======
Description
================
stored XSS in Serendipity v2.1-rc1 allows attacker steals admin’s cookie and other informations
===========
POC
==========
1.login as a common editor user
2.open a new entry ,then write:
<img src=1 onerror=alert(document.cookie)>…
Posted by Manuel Garcia Cardenas on Apr 09
=============================================
MGC ALERT 2017-003
– Original release date: April 06, 2017
– Last revised: April 10, 2017
– Discovered by: Manuel García Cárdenas
– Severity: 7,1/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
WordPress Plugin Spider Event Calendar 1.5.51 – Blind SQL Injection
II. BACKGROUND
————————-
WordPress event calendar is a FREE…
Posted by Karn Ganeshen on Apr 07
*VMU-C Web-Server solution for photovoltaic applications*
VMU-C EM is a data logger system for small to medium projects, VMUC-Y EM is
a hardware data aggregator for medium to larger projects and Em2 Server is
a software solution for large projects. They are designed to complement the
extensive line of Carlo Gavazzi energy meters and current transformers.
*ICS-CERT advisory*
https://ics-cert.us-cert.gov/advisories/ICSA-17-012-03
*CVE-IDs*…
Posted by Karn Ganeshen on Apr 07
Cambium SNMP Security Vulnerabilities
AFFECTED PRODUCTS
Cambium ePMP 1000
Cambium ePMP 2000
Cambium PMP XXX
Cambium ForceXXX models
Potentially all other models
IMPACT
These vulnerabilities may allow an attacker to access device configuration
as well as make unauthorized changes to the device configuration.
Disclosure Timelines
First reported to ICS-CERT – Sep 12, 2017
Latest vendor response – Apr 5, 2017
Fix planned for Q2 2017
Public…
Posted by Karn Ganeshen on Apr 07
SenNet Data Logger appliances and Electricity Meters Multiple
Vulnerabilities
Note: Vendor has released the fix. Details to be documented in ICS-CERT
Advisory.
About
SenNet is a trademark of Satel Spain that offers monitoring and
remote-control solutions for businesses. Our engineers develop, integrate
and test the products of SenNet in our facilities in Madrid (Spain)….