CVE-2019-12461
Web Port 1.19.1 allows XSS via the /log type parameter. Date published : 2019-05-30 http://packetstormsecurity.com/files/158174/WebPort-1.19.1-Cross-Site-Scripting.html https://emreovunc.com/blog/en/WebPort-Reflected-XSS-02.png
Web Port 1.19.1 allows XSS via the /access/setup type parameter. Date published : 2019-05-30 http://packetstormsecurity.com/files/158174/WebPort-1.19.1-Cross-Site-Scripting.html https://emreovunc.com/blog/en/WebPort-Reflected-XSS-01.png
FileRun 2019.05.21 allows customizables/plugins/audio_player Directory Listing. This issue has been fixed in FileRun 2019.06.01. Date published : 2019-05-30 https://emreovunc.com/blog/en/FileRun-DirectoryListing-3.png https://filerun.com/changelog
FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has been fixed in FileRun 2019.06.01. Date published : 2019-05-30 https://emreovunc.com/blog/en/FileRun-DirectoryListing-2.png https://filerun.com/changelog
FileRun 2019.05.21 allows images/extjs Directory Listing. This issue has been fixed in FileRun 2019.06.01. Date published : 2019-05-30 https://emreovunc.com/blog/en/FileRun-DirectoryListing-1.png https://filerun.com/changelog
** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have...
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of...
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd....
A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device)...
A command injection (missing input validation, escaping) in the ftp upgrade configuration interface on the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows an authenticated remote attacker (simple user) — in the same network as...
mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS. Date published : 2019-05-29 https://bugzilla.zimbra.com/show_bug.cgi?id=109020 https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information...
A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device...
The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection. Date published :...