Category Archives: Full Disclosure

Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP

Posted by Onapsis Research on Oct 03

Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP

1. Impact on Business
=====================
By exploiting this vulnerability an authenticated user will be able to take full control of the system.

Risk Level: Critical

2. Advisory Information
=======================
- Public Release Date: 09/22/2016
- Last Revised: 09/22/2016
- Security Advisory ID: ONAPSIS-2016-041
- Onapsis SVS ID:…

CompTIA Security+ and its insecure support system

Posted by user09990 on Sep 30

I signed up for a CompTIA account with a fake name for privacy reasons. Later on, I wanted to update my name in the CompTIA
account because I was planning to take their Security+ certificate. The problem is I cannot update my name directly
from the profile menu; it told me to create a support ticket (this is a good idea I guess). However, the support guy
asked me to upload a copy of a legal ID (driver’s license or passport) to the support…

Critical Vulnerability in Ubiquiti UniFi

Posted by Tim Schughart on Sep 30

Hello @all,

Together with my colleague, we found two uncritical vulnerabilities, which you’ll find below.

Product: UniFi AP AC Lite
Vendor: Ubiquiti Networks Inc.

Internal reference: ? (Bug ID)
Vulnerability type: Incorrect access control
Vulnerable version: UniFi 5.2.7 and possibly other versions affected (not tested)
Vulnerable component: Database
Report confidence: yes
Solution status: Not fixed by Vendor, the bug is a feature.
Fixed…

Multiple exposures in Sophos UTM

Posted by Tim Schughart on Sep 30

Hello @all,

Together with my colleague, we found two uncritical vulnerabilities, which you’ll find below.

Product: Sophos UTM
Vendor: Sophos Ltd.

Internal reference: ? (Bug ID)
Vulnerability type: Information Disclosure
Vulnerable version: 9.405-5, 9.404-5 and possibly other versions affected (not tested)
Vulnerable component: Frontend
Report confidence: yes
Solution status: Not fixed by Vendor, no further responses from vendor.
Fixed…

Radioactive Mouse States the Obvious: Exploiting unencrypted and unauthenticated data communication of wireless mice

Posted by Matthias Deeg on Sep 30

tl;dr

Today, SySS published a proof-of-concept video demonstrating a mouse
spoofing attack resulting in remote code execution due to insecure
wireless mouse communication:

https://www.youtube.com/watch?v=PkR8EODee44

-----

Radioactive Mouse States the Obvious

In the course of their research project about modern wireless desktop
sets using AES encryption, Expert IT Security consultant Matthias Deeg
and IT Security Consultant Gerhard…

[SYSS-2016-061] PERIDUO-710W – Insufficient Verification of Data Authenticity (CWE-345)

Posted by Matthias Deeg on Sep 30

Advisory ID: SYSS-2016-061
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Mouse Spoofing Attack
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-06-28
Solution Date: –
Public Disclosure: 2016-09-30
CVE Reference: Not yet assigned
Authors of…

[SYSS-2016-060] Logitech M520 – Insufficient Verification of Data Authenticity (CWE-345)

Posted by Matthias Deeg on Sep 30

Advisory ID: SYSS-2016-060
Product: M520 (Mouse of Wireless Combo MK520)
Manufacturer: Logitech
Affected Version(s): Model Y-R0012
Tested Version(s): Model Y-R0012
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Mouse Spoofing Attack
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-06-28
Solution Date: –
Public Disclosure: 2016-09-30
CVE Reference: Not yet assigned
Authors…

[SYSS-2016-058] CHERRY B.UNLIMITED AES – Insufficient Verification of Data Authenticity (CWE-345)

Posted by Matthias Deeg on Sep 30

Advisory ID: SYSS-2016-058
Product: CHERRY B.UNLIMITED AES
Manufacturer: Cherry GmbH
Affected Version(s): JD-0400EU-2/01
Tested Version(s): JD-0400EU-2/01
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Mouse Spoofing Attack
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-06-28
Solution Date: –
Public Disclosure: 2016-09-30
CVE Reference: Not yet assigned
Authors of…

Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6

Posted by Larry W. Cashdollar on Sep 30

Title: Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
Author: Larry W. Cashdollar, @_larry0
Date: 2016-09-16
Download Site: http://huge-it.com/joomla-portfolio-gallery/
Vendor: huge-it.com
Vendor Notified: 2016-09-17
Vendor Contact: info () huge-it com
Description: Huge-IT Portfolio Gallery extension can do wonders with your website. If you wish to show your photos,
videos, enclosing the additional images and videos,…

Persistent XSS in Abus Security Center – CVSS 8.0

Posted by Tim Schughart on Sep 29

Hi @all,

Product: Abus Security Cams
Vendor: Abus Group

Internal reference: –
Vulnerability type: Cross Site Scripting
Vulnerable version: 0101a and possibly other versions affected (not tested)
Vulnerable component: FTP
Report confidence: Confirmed
Solution status: Not fixed by Vendor, will not patch the vuln.
Fixed versions: –
Researcher credits: Tim Schughart & Khanh Quoc Pham of ProSec Networks
Vendor notification: 2016-09-21…