Monthly Archive: October 2020

IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an...

In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allows creating and overwriting public and private projects...

An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress. Date published : 2020-10-29 https://github.com/FastReports/FastReport/compare/v2020.3.0…v2020.4.0 https://github.com/FastReports/FastReport/pull/206

An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations. Date published : 2020-10-29 https://github.com/smartstore/SmartStoreNET/commit/8702c6140f4fc91956ef35dba12d24492fb3f768 https://github.com/smartstore/SmartStoreNET/compare/4.0.0…4.0.1

SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter. Date published : 2020-10-29 https://www.manageengine.com/products/applications_manager/issues.html#v14560

Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files. Date published : 2020-10-29 https://www.exploit-db.com/exploits/48920

An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php. Date published...

An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which...

Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change...

An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits),...

An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. Date published : 2020-10-29 Security vulnerabilities found affecting more than 80,000...

Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script...

Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. Date published : 2020-10-29 https://www.synology.com/security/advisory/Synology_SA_20_14 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071

Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. Date published : 2020-10-29 https://www.synology.com/security/advisory/Synology_SA_20_18 https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1071