Category Archives: Full Disclosure

Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance

Posted by Pedro Ribeiro on Aug 05

tl;dr

Lots of RCE, hardcoded credentials, stack buffer overflow and
information disclosure in the Nuuo NVRmini and other network video
recorders of the same vendor.
These vulnerabilities also affect the NETGEAR Surveillance app (which
can be installed on the NETGEAR ReadyNAS).

See the full advisory including PoC and exploits below, or at my github
(https://raw.githubusercontent.com/pedrib/PoC/master/advisories/nuuo-nvr-vulns.txt).

Metasploit…

K2 (Joomla! Extension) < 2.7.1 - Reflected Cross Site Scripting

Posted by Manuel Mancera on Aug 05

================================================================
K2 Joomla! Extension < 2.7.1 - Reflected Cross Site Scripting
================================================================

Information
--------------------
Name: K2 Joomla! Extension - Reflected Cross Site Scripting
Affected Software : K2
Affected Versions: < 2.7.1
Vendor Homepage : https://getk2.org/
http://extensions.joomla.org/extension/k2
Vulnerability Type :…

CVE-2016-6527 Possible Privilege Escalation in telecom of Samsung Mobile Phone

Posted by 0xr0ot on Aug 05

Hi,

Description of the potential vulnerability:
Severity: Medium
Affected versions: L(5.0/5.1), M(6.0)
Reported on: May 11, 2016
Disclosure status: Privately disclosed.
The vulnerability in SmartCall Activity components of the Telecom application
can crash and reboot a device when the malformed serializable object
is passed.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
SVE-2016-6244: Possible Privilege Escalation in…

CVE-2016-6526 Possible Privilege Escalation in telecom of Samsung Mobile Phone

Posted by 0xr0ot on Aug 05

Description of the potential vulnerability:
Severity: Medium
Affected versions: L(5.0/5.1), M(6.0)
Reported on: May 11, 2016
Disclosure status: Privately disclosed.
A vulnerability in SpamCall Activity components of the Telecom application can
crash and reboot a device when the malformed serializable object is
passed.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016
SVE-2016-6242: Possible Privilege Escalation in telecom…

D-Link NAS, DNS Series: Stored XSS via Unauthenticated SMB

Posted by Benjamin Daniel Mussler on Aug 05

D-Link NAS, DNS Series: Stored XSS via Unauthenticated SMB
<http://b.fl7.de/2016/08/d-link-nas-dns-xss-via-smb.html>

1. Affected Models/Versions
2. Summary
3. Technical Summary
4. Vulnerability Details
5. Exploitation / Proof of Concept
6. Timeline
7. See Also

########## 1. Affected Models/Versions ##########

The vulnerability was initially discovered on a **D-Link DNS-320 rev A**
device running **firmware version 2.05b8** (also known…

[SYSS-2016-065] NASdeluxe NDL-2400r: OS Command Injection

Posted by Klaus Eisentraut (SySS GmbH) on Aug 05

Advisory ID: SYSS-2016-065

Product: NASdeluxe NDL-2400r

Vendor: Starline Computer GmbH

Affected Version(s): 2.01.10

Tested Version(s): 2.01.09

Vulnerability Type: OS Command Injection (CWE-78)

Risk Level: High

Solution Status: no fix (product has been EOL for 3 years)

Vendor Notification: 2016-07-04

Public Disclosure: 2016-08-03

CVE Reference: Not assigned

Author of Advisory: Klaus Eisentraut, SySS GmbH,…

Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability

Posted by Summer of Pwnage on Aug 05

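------------------------------------------------------------------------
Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP
Object injection vulnerability
------------------------------------------------------------------------
Yorick Koster, June 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------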
A PHP Object injection…

Cross-Site Scripting in Store Locator Plus for WordPress

Posted by Summer of Pwnage on Aug 05

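------------------------------------------------------------------------
Cross-Site Scripting in Store Locator Plus for WordPress
------------------------------------------------------------------------
Yorick Koster, July 2016

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------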
A Cross-Site Scripting vulnerability was found in Store Locator…

DLL side loading vulnerability in VMware Host Guest Client Redirector

Posted by Securify B.V. on Aug 05

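------------------------------------------------------------------------
DLL side loading vulnerability in VMware Host Guest Client Redirector
------------------------------------------------------------------------
Yorick Koster, December 2015

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------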
A DLL side loading vulnerability was found in the…