SSD Advisory – Linux AF_LLC Double Free

Vulnerability Summary A use after free vulnerability in AF_LLC allows local attackers to control the flow of code that the kernel executes, allowing them to cause it to run arbitrary code and gain elevated privileges. Vendor Response The vulnerability was reported to the Kernel Security, which asked us to contact ... Read More

SSD Advisory – TrustPort Management Unauthenticated Remote Code Execution

Vulnerability Summary Multiple vulnerabilities in TrustPort’s management product allow remote unauthenticated attackers to cause the product to execute arbitrary code. TrustPort Management “offers you an effective and practical way to install centrally, configure and update antivirus software in your network and it enables mass administration of TrustPort products. Central administration ... Read More

SSD Advisory – Western Digital My Cloud Pro Series PR2100 Authenticated RCE

Vulnerability Summary A vulnerability in the Western Digital My Cloud Pro Series PR2100 allows authenticated users to execute commands arbitrary commands. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor Response The vendor was notified on the 28th of November 2017, and ... Read More

SSD Advisory – AppWeb Authentication Bypass (Digest, Basic and Forms)

Vulnerability Summary A critical vulnerability in the EmbedThis HTTP library, and Appweb versions 5.5.x, 6.x, and 7.x including the latest version present in the git repository. In detail, due to a logic flaw, with a forged HTTP request it is possible to bypass the authentication for form and digest login ... Read More

VK Messenger (VKontakte) vk:// URI Handler Commands Execution

Vulnerability Summary The following describes a vulnerability in VK Messenger that is triggered via the exploitation of improperly handled URI. VK (VKontakte; [..], meaning InContact) is “an online social media and social networking service. It is available in several languages. VK allows users to message each other publicly or privately, ... Read More

beVX Conference Challenge

During the event of OffensiveCon, we launched a reverse engineering and encryption challenge and gave the attendees the change to win great prizes. The challenge was divided into two parts, a file – can be downloaded from here: https://www.beyondsecurity.com/bevxcon/bevx-challenge-1 – that you had to download and reverse engineer and server ... Read More

SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow

The following advisory describes one (1) vulnerability found in CloudMe. CloudMe is “a file storage service operated by CloudMe AB that offers cloud storage, file synchronization and client software. It features a blue folder that appears on all devices with the same content, all files are synchronized between devices.” The ... Read More

Happy New Year 2018 – Challenge Solution

In our post found here: https://blogs.securiteam.com/index.php/archives/3616, we hid a challenge. The challenge was split into two parts: 1. Finding it 2. Solving it Finding it wasn’t very hard, the challenge was hidden inside the image, it wasn’t anything fancy, just inside the image you had a zip file appended to ... Read More

SSD Advisory – Monstra CMS RCE

Vulnerabilities Summary The following advisory describes a vulnerability found in Monstra CMS. Monstra is “a modern and lightweight Content Management System. It is Easy to install, upgrade and use.” The vulnerability found is a remote code execution vulnerability through an arbitrary file upload mechanism. Credit An independent security researcher, Ishaq ... Read More
Loading...