Monthly Archive: June 2019

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation. Date published : 2019-06-10...

In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined with a malformed unsubscribe request packet can be used to cause a Denial of Service attack against the broker. Date published : 2019-06-10 https://github.com/insi2304/MQTTRoute-fuzz/blob/master/MQTT_Route_crash.png

There is a Clickjacking vulnerability in Huawei HG255s product. An attacker may trick user to click a link and affect the integrity of a device by exploiting this vulnerability. Date published : 2019-06-10 https://support.huawei.com/carrier/navi?lang=en&coltype=software#col=software&detailId=PBI1-22976324&path=PBI1-7275726/PBI1-7275742/PBI1-22892608/PBI1-22903845/PBI1-21219153&lang=en...

In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...

An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file. Date published : 2019-06-10 http://packetstormsecurity.com/files/153249/ProShow-9.0.3797-Privilege-Escalation.html https://github.com/risataimpt/Archivos_del_Blog/tree/master/Proshow

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the Gateway key. Date published...

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key. Date published...

The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands...

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. Date published : 2019-06-10 https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2 https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html

A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There’s no other limitation of...

XSS on the PIX-Link Repeater/Router LV-WR09 with firmware v28K.MiniRouter.20180616 allows attackers to steal credentials without being connected to the network. The attack vector is a crafted ESSID. Date published : 2019-06-10 http://www.pix-link.com/page50?product_id=144 https://medium.com/@igor.lrgomes/cve-2019-11877-credentials-stealing-through-xss-on-pix-link-repeater-9a98c344f58e

WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner. Date published : 2019-06-10...

Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers. Severity can range from medium to critical, depending on how...

HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. Date published : 2019-06-10 https://www.exploit-db.com/exploits/46617/ http://packetstormsecurity.com/files/152263/Fat-Free-CRM-0.19.0-HTML-Injection.html