Full Disclosure

Syndicate content
A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.
Updated: 2 hours 27 min ago

SEC Consult SA-20240606-0 :: Multiple critical vulnerabilities in Kiuwan SAST on-premise (KOP) & cloud/SaaS & Kiuwan Local Analyzer (KLA)

9 June, 2024 - 02:39

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 09

SEC Consult Vulnerability Lab Security Advisory < 20240606-0 >
=======================================================================
title: Multiple critical vulnerabilities
product: Kiuwan SAST on-premise (KOP) & cloud/SaaS
Kiuwan Local Analyzer (KLA)
vulnerable version: Kiuwan SAST <2.8.2402.3
Kiuwan Local Analyzer <master.1808.p685.q13371...

Blind SQL Injection - fengofficev3.11.1.2

9 June, 2024 - 02:39

Posted by Andrey Stoykov on Jun 09

# Exploit Title: FengOffice - Blind SQL Injection
# Date: 06/2024
# Exploit Author: Andrey Stoykov
# Version: 3.11.1.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/05/friday-fun-pentest-series-6.html

Steps to Reproduce:

1. Login to application
2. Click on "Workspaces"
3. Copy full URL
4. Paste the HTTP GET request into text file
5. Set the injection point to be in the "dim" parameter...

Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution

9 June, 2024 - 02:39

Posted by malvuln on Jun 09

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/afe012ed0d96abfe869b9e26ea375824.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln

Threat: Trojan.Win32.DarkGateLoader (multi variants)
Vulnerability: Arbitrary Code Execution
Description: Multiple variants of this malware look for and execute
x32-bit "urlmon.dll" PE file in its current directory. Therefore, we
can...

SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)

9 June, 2024 - 02:39

Posted by InfoSec-DB via Fulldisclosure on Jun 09

Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)
Google Dork: inurl:"Powered by Boelter Blue"
Date: 2024-06-04
Exploit Author: CBKB (DeadlyData, R4d1x)
Vendor Homepage: https://www.boelterblue.com
Software Link: https://play.google.com/store/apps/details?id=com.anchor5digital.anchor5adminapp&hl=en_US
Version: 1.3
Tested on: Linux Debian 9 (stretch), Apache 2.4.25, MySQL >= 5.0.12
CVE:...

CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420

29 May, 2024 - 22:05

Posted by Thomas Weber via Fulldisclosure on May 29

CyberDanube Security Research 20240528-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| ORing IAP-420
vulnerable version| 2.01e
fixed version| -
CVE number| CVE-2024-5410, CVE-2024-5411
impact| High
homepage| https://oringnet.com/
found| 2024-01-19
by| T. Weber...

HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX

29 May, 2024 - 22:05

Posted by Marco Ivaldi on May 29

Hi,

Please find attached a security advisory that describes multiple
vulnerabilities we discovered in Eclipse ThreadX (aka Azure RTOS).

* Title: Multiple vulnerabilities in Eclipse ThreadX
* OS: Eclipse ThreadX < 6.4.0
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-05-28
* CVE IDs and severity:
* CVE-2024-2214 - High - 7.0 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-2212 - High - 7.3 -...

SEC Consult SA-20240527-0 :: Multiple vulnerabilities in HAWKI didactic interface

27 May, 2024 - 21:50

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27

SEC Consult Vulnerability Lab Security Advisory < 20240527-0 >
=======================================================================
title: Multiple vulnerabilities
product: HAWKI (Interaction Design Team at the University of Applied
Sciences and Arts in Hildesheim/Germany)
vulnerable version: 1.0.0-beta.1, versions before commit 146967f
    fixed version: Github commit 146967f...

SEC Consult SA-20240524-0 :: Exposed Serial Shell on multiple PLCs in Siemens CP-XXXX Series

27 May, 2024 - 21:50

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 27

SEC Consult Vulnerability Lab Security Advisory < 20240524-0 >
=======================================================================
title: Exposed Serial Shell on multiple PLCs
product: Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014)
vulnerable version: All hardware revisions
fixed version: Hardware is EOL, no fix
CVE number: -
impact: Low...

SEC Consult SA-20240522-0 :: Broken access control & API Information Exposure in 4BRO App

23 May, 2024 - 12:35

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 23

SEC Consult Vulnerability Lab Security Advisory < 20240522-0 >
=======================================================================
title: Broken access control & API Information Exposure
product: 4BRO App
vulnerable version: before 2024-04-17
fixed version: 2024-04-17
CVE number: -
impact: Critical
homepage: https://www.4bro.de
found: 2023-05-07...

[CFP] Security BSides Ljubljana 0x7E8 | September 27, 2024

23 May, 2024 - 12:34

Posted by Andraz Sraka on May 23

MMMMMMMMMMMMMMMMNmddmNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMN..-..--+MMNy:...-.-/yNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMy..ymd-.:Mm::-:osyo-..-mMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MM:..---.:dM/..+NNyyMN/..:MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
Mm../dds.-oy.-.dMh--mMds++MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
My:::::/ydMmo..-hMMMmo//omMs/+Mm+++++shNMN+//+//+oMNy+///ohM
MMMs//yMNo+hMh---m:-:hy+sMN..+Mo..os+.-:Ny--ossssdN-.:yyo+mM...

asterisk release 20.8.1

20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 20.8.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.8.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.8.1

## Change Log for Release asterisk-20.8.1

### Links:

- [Full ChangeLog](...

asterisk release 21.3.1

20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 21.3.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.3.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.3.1

## Change Log for Release asterisk-21.3.1

### Links:

- [Full ChangeLog](...

asterisk release 18.23.1

20 May, 2024 - 21:49

Posted by Asterisk Development Team via Fulldisclosure on May 20

The Asterisk Development Team would like to announce security release
Asterisk 18.23.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/18.23.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 18.23.1

## Change Log for Release asterisk-18.23.1

### Links:

- [Full ChangeLog](...

CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package

20 May, 2024 - 21:48

Posted by Andrea Intilangelo on May 20

CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package

Use CVE-2024-34058.

Additional info:

NethServer is an Open Source operating system for the Linux enthusiast, designed for small offices and medium
enterprises. From their website: "It's simple, secure and flexible" and "ready to deliver your messages, to protect
your network with the built-in firewall, share your files and much more,...