Category Archives: Full Disclosure

KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials

Posted by KoreLogic Disclosures on Oct 05

KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL
Credentials

Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials
Advisory ID: KL-001-2016-005
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-005.txt

1. Vulnerability Details

Affected Vendor: Cisco
Affected Product: Firepower Threat Management Console
Affected Version:…

KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial of Service

Posted by KoreLogic Disclosures on Oct 05

KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial
of Service

Title: Cisco Firepower Threat Management Console Authenticated Denial of Service
Advisory ID: KL-001-2016-004
Publication Date: 2016.10.05
Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-004.txt

1. Vulnerability Details

Affected Vendor: Cisco
Affected Product: Firepower Threat Management Console
Affected…

Flash Operator Panel 2.31.03 – CSV Persistent Vulnerability

Posted by Vulnerability Lab on Oct 05

Document Title:
===============
Flash Operator Panel 2.31.03 – CSV Persistent Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1908

Release Date:
=============
2016-10-05

Vulnerability Laboratory ID (VL-ID):
====================================
1908

Common Vulnerability Scoring System:
====================================
3.6

Product & Service Introduction:…

Cyberoam iview UTM v0.1.2.7 – (Ajax) XSS Web Vulnerability

Posted by Vulnerability Lab on Oct 05

Document Title:
===============
Cyberoam iview UTM v0.1.2.7 – (Ajax) XSS Web Vulnerability

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1850

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
====================================
1850

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:…

Clean Master v1.0 – Unquoted Path Privilege Escalation

Posted by Vulnerability Lab on Oct 05

Document Title:
===============
Clean Master v1.0 – Unquoted Path Privilege Escalation

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1968

Release Date:
=============
2016-10-05

Vulnerability Laboratory ID (VL-ID):
====================================
1968

Common Vulnerability Scoring System:
====================================
4

Product & Service Introduction:…

Re: Critical Vulnerability in Ubiquiti UniFi

Posted by Gregory Sloop on Oct 04

I attempted private contact with Tim Pham and via email 12+ hours ago, but received no response since then.

I’ve spent some time trying to reproduce the reported vulnerability and have had no success. It certainly doesn’t help that the steps to reproduce it are so poorly described or documented.
Without better documentation of the exploit, it seems impossible to determine if the report is just misinformed, blatantly false, or if…

Serimux SSH Console Switch v2.4 – Multiple Cross Site Vulnerabilities

Posted by Vulnerability Lab on Oct 04

Document Title:
===============
Serimux SSH Console Switch v2.4 – Multiple Cross Site Vulnerabilities

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1942

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
====================================
1942

Common Vulnerability Scoring System:
====================================
3.4

Product & Service Introduction:…

Sparkasse (Bank) – Service Security Advisory WB021 2016

Posted by Vulnerability Lab on Oct 04

Document Title:
===============
Sparkasse (Bank) – Service Security Advisory WB021 2016

References:
===========
https://www.vulnerability-lab.com/get_content.php?id=1959

Download (PDF): http://www.vulnerability-lab.com/resources/documents/spk-sec-WB021.pdf

Vulnerability Magazine:
https://vulnerability-db.com/?q=articles/2016/09/06/critical-vulnerabilities-sparkassen-bank-server-discovered-researchers-0

Release Date:
=============
2016-09-24…

FaceDancer 21 – New Universal Case for PenTests

Posted by Vulnerability Lab on Oct 04

Document Title:
===============
FaceDancer 21 – New Universal Case for PenTests

References:
===========
https://www.vulnerability-lab.com/get_content.php?id=1960

STL Files Download: https://www.vulnerability-lab.com/resources/documents/FaceDancer2-STL-Files.rar

Vulnerability Magazine:
https://vulnerability-db.com/?q=articles/2016/09/26/facedancer-2-platin-new-universal-case-pentests

Release Date:
=============
2016-09-26

Vulnerability…

AuraDVD Ripper Professional v1.6.3 – DLL Hijacking Exploit

Posted by Vulnerability Lab on Oct 04

Document Title:
===============
AuraDVD Ripper Professional v1.6.3 – DLL Hijacking Exploit

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=1966

Release Date:
=============
2016-10-04

Vulnerability Laboratory ID (VL-ID):
====================================
1966

Common Vulnerability Scoring System:
====================================
4.3

Product & Service Introduction:…