Security Affairs

SEPTEMBER 8, 2020

“The authentication function contains undocumented code which provides the ability to authenticate as root without having to know the actual root password. An adversary with the private key can remotely authenticate to the management interface as root.” ” reads the advisory published by the expert.

Firmware 88

Firmware Wireless Authentication Advertising 88

Security Affairs

JULY 25, 2020

The flaws include reflected Cross-Site Scripting (XSS), buffer overflows, bypassing authentication issues, and arbitrary code execution bugs. The vendor pointed out that DAP-1522 and DIR-816L models that have reached their “end of support” phase, this means that these devices running firmware versions v1.42 (and below) and v12.06.B09

Firmware 100

Firmware Advertising Authentication Hacking 100

Security Affairs

JULY 11, 2019

may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access.” The second vulnerability addressed by Intel affects SSD DC S4500/S4600 series firmware, it could be exploited by an attacker with physical access for privilege escalation.

Firmware 78

Firmware Advertising Authentication Hacking 78

Security Affairs

JULY 10, 2020

The backdoor accounts in the firmware of 29 FTTH Optical Line Termination (OLT) devices from popular vendor C-Data. The security duo, composed of Pierre Kim and Alexandre Torres, disclosed seven vulnerabilities in the firmware of FTTH OLT devices manufactured by C-Data. ” reads the analysis published by the experts.

Firmware 98

Firmware Accountability Advertising Manufacturing 98

Security Affairs

DECEMBER 23, 2018

The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t. In particular, the aaa authentication http console {LOCAL | <aaa-server>} command must be present,” Cisco concludes.

Firmware 111

Firmware Authentication Software Advertising 111

Security Affairs

DECEMBER 14, 2022

While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies. It is worrying that all analyzed brands have at least some models that allow users to keep default passwords or have no authentication setup whatsoever.

Surveillance 130

Surveillance Manufacturing Passwords Internet 130

Security Affairs

MAY 19, 2020

Palo Alto Networks Unit 42 researchers observed both the Mirai and Hoaxcalls botnets using an exploit for a post-authentication Remote Code Execution vulnerability in legacy Symantec Web Gateways 5.0.2.8. Experts note that the exploit is only effective for authenticated sessions and the affected devices are End of Life (EOL) from 2012.

IoT 108

IoT DDOS Authentication Firmware 108

Security Affairs

JULY 28, 2020

CGI password logger This installs a fake version of the device admin login page, logging successful authentications and passing them to the legitimate login page. The experts observed that once a device has been infected, the malicious code can prevent the installation of firmware updates.

Malware 105

Malware Firmware Advertising Manufacturing 105

Security Affairs

JUNE 14, 2019

of the firmware. The weakness impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP. “An issue exists in the YubiKey FIPS Series devices with firmware version 4.4.2 there is no released firmware version 4.4.3) that was certified at the end of April.

Firmware 74

Firmware Advertising Authentication Passwords 74

Security Affairs

JANUARY 27, 2020

An attacker with this key can successfully authenticate as this user to the FortiSIEM Supervisor.” While the user’s shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds.”. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. reads the advisory.

Firmware 116

Firmware Advertising Authentication Passwords 116

Security Affairs

SEPTEMBER 3, 2019

Researchers at firmware security firm Eclypsium discovered multiple vulnerabilities referred as USBAnywhere that could be exploited to potentially allow an attacker to take over the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11. ” reads the post published by Eclypsium.

Hacking 86

Hacking Firmware Media Authentication 86

Security Affairs

AUGUST 12, 2019

Searching online the expert first found an encrypted firmware, he found on a forum a Portable ROM Dumper , (a custom firmware update file that once loaded, dumps the memory of the camera into the SD Card) that allowed him to dump the camera’s firmware and load it into his disassembler (IDA Pro). Pierluigi Paganini.

Firmware 88

Firmware Ransomware Wireless Encryption 88

Security Affairs

OCTOBER 7, 2019

According to the Fortinet, the vulnerability impacts D-Link firmware in the DIR-655, DIR-866L, DIR-652, and DHP-1565 router families. We rated this as a critical issue since the vulnerability can be triggered remotely without authentication.” “The vulnerability begins with a bad authentication check.

Authentication 96

Authentication Firmware Advertising Hacking 96

Security Affairs

AUGUST 5, 2020

ZDNet has obtained a copy of the list with the help of threat intelligence firm KELA and verified confirmed the authenticity of the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported ZDNet.

VPN 136

VPN Passwords Banking Advertising 136

Krebs on Security

APRIL 26, 2019

But according to an in-depth analysis shared with KrebsOnSecurity by security researcher Paul Marrapese , iLnkP2P devices offer no authentication or encryption and can be easily enumerated, allowing potential attackers to establish a direct connection to these devices while bypassing any firewall restrictions.

IoT 261

IoT Firewall Manufacturing Computers and Electronics 261

Security Affairs

DECEMBER 18, 2018

Security experts at Applied Risk are affected by potentially serious flaws and the bad news is that the vendor will not release firmware updates because the impacted products have reached the end of life. ABB also published separate advisories for the missing authentication and XSS vulnerabilities.

Firmware 83

Firmware Advertising Manufacturing Authentication 83

Security Affairs

OCTOBER 1, 2018

“Just like the regular dnschanger , this campaign attempts to guess the password on the router’s web authentication page or bypass the authentication through the dnscfg. Js DNSChanger is written in JavaScript and includes 10 attack scripts designed to infect 6 routers or firmware packages. Pierluigi Paganini.

DNS 78

DNS Malware Firmware Phishing 78

Security Affairs

MAY 14, 2019

. “ A vulnerability in the logic that handles access control to one of the hardware components in Cisco’s proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware 87

Firmware Authentication Software Advertising 87

Security Affairs

AUGUST 7, 2020

Several media outlets independently analyzed the data leak and verified the authenticity of the data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported ZDNet. Pierluigi Paganini.

Firmware 64

Firmware Advertising Engineering Hacking 64

Security Affairs

JUNE 23, 2020

Unlike other printer management protocols, the IPP protocol supports multiple security features, including authentication and encryption, but evidently organizations don’t use them. This info includes printer names, locations, models, firmware versions, organization names, and even WiFi network names. Pierluigi Paganini.

Internet 98

Internet Internet Firmware Advertising 98

Security Affairs

DECEMBER 17, 2019

TP-Link addressed a critical zero-day vulnerability ( CVE-2017-7405 ) in its TP-Link Archer routers that could be exploited by attackers to remotely take their control over LAN via a Telnet connection without authentication. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Archer MR200v4: [link].

Passwords 95

Passwords Advertising Firmware Authentication 95

Security Affairs

OCTOBER 3, 2018

A typical attack scenario to gain this information sees attackers to luring an authenticated NAS user by tricking it into visiting a specially crafted malicious website. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking 82

Hacking Firmware Advertising Backups 82

Security Affairs

JUNE 25, 2020

“One of the screenshots seems to consist of LG Electronics official firmware or software update releases that assist their hardware products to work more efficiently.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Computers and Electronics 102

Computers and Electronics Ransomware Mobile Telecommunications 102

Security Affairs

MAY 2, 2019

The issues, including a hardcoded session ID, allow unauthenticated, remote attacker to stop, start, and disconnect any screen sharing session due to insufficient authentication checking in the moderator controls. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Wireless 76

Wireless Firmware Advertising Authentication 76

Security Affairs

OCTOBER 30, 2019

A Russian security researcher accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders. The Russian security researcher Anna Prosvetova, from Saint Petersburg, has accidentally discovered API and firmware issues that allowed her to take over all Xiaomi FurryTail pet feeders.

Hacking 45

Hacking Firmware Advertising DDOS 45

Security Affairs

FEBRUARY 5, 2020

More recent firmware versions had Telnet access and debug port (9527/ tcp ) disabled by default, but they had open port 9530/ tcp that could be exploited by attackers to send a special command to start telnet daemon and enable shell access with a static password ([ 1 ], [ 2 ], [ 3 ]). This is a subject of actual disclosure.”

Firmware 84

Firmware Encryption Advertising Passwords 84

Security Affairs

APRIL 17, 2020

The issue affects the following Cisco products if they have web access enabled and are running a firmware release earlier than the first fixed release for that device: IP Phone 7811, 7821, 7841, and 7861 Desktop Phones IP Phone 8811, 8841, 8845, 8851, 8861, and 8865 Desktop Phones Unified IP Conference Phone 8831 Wireless IP Phone 8821 and 8821-EX.

Big data 97

Big data Wireless Advertising Firmware 97

Security Affairs

AUGUST 3, 2019

The WPA Wireless security standard was designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and to establish secure connections that hackers cannot spy on. More worrisome, we found that the Wi-Fi firmware of Cypress chips only executes 8 iterations at minimum to prevent side-channel leaks.

Passwords 94

Passwords Hacking Wireless Authentication 94

Malwarebytes

MAY 13, 2021

To demonstrate their point, they released an ESP32 firmware that turns the micro-controller into an (upload only) modem. Using firmware based on the TU Darmstadt research, the device can broadcast a hardcoded default message and then listens for any new data to broadcast in a loop until a new message is received. Bridging the air gap.

Internet 117

Internet Internet Firmware Mobile 117

Security Affairs

FEBRUARY 25, 2020

. “Multiple ZyXEL network-attached storage (NAS) devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device.” “ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. and earlier.

Authentication 70

Authentication Advertising Firmware Internet 70

Security Affairs

NOVEMBER 20, 2018

The lack of proper input sanitization can be exploited without authentication to trigger DoS conditions and leak server information. Talos experts explained that parsing errors require an authenticated session for exploitation, a circumstance that can lead to remote code execution under the context of HTTPD. “If Pierluigi Paganini.

Authentication 68

Authentication Advertising Firmware Hacking 68

Security Affairs

JULY 16, 2018

Anubhav explained that the passwords are related to Dahua DVRs running very old firmware that is known to be affected by a five-year-old vulnerability tracked as CVE-2013-6117. Even if the vulnerability has been patched, many Dahua devices are still running ancient firmware. Pierluigi Paganini.

IoT 60

IoT Engineering Passwords Firmware 60

Security Affairs

DECEMBER 24, 2018

” Once the mobile app has discovered the IP address of the lights, it authenticates with them, receives an authentication token and retrieves information about the device. Experts found a flaw in the authentication process, it only authenticates the lights to the app and not visa- versa. . Pierluigi Paganini.

IoT 79

IoT Hacking DNS Authentication 79

Security Affairs

MARCH 19, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible.

Ransomware 99

Ransomware DDOS Passwords Backups 99

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Use multifactor authentication where possible. hard drive, storage device, the cloud).

Ransomware 106

Ransomware Antivirus Passwords Malware 106

Security Affairs

JULY 29, 2018

“Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub.” Samsung SmartThings Hub runs a Linux-based firmware and allows for communications with various IoT devices using various wireless standards Zigbee, Z-Wave, and Bluetooth. RCE Chain – CVE-2018-3911.

Firmware 54

Firmware IoT Advertising Wireless 54

Security Affairs

JULY 31, 2019

The list of flaws includes OS Command Injection, Unrestricted Upload of File with Dangerous Type, Cross-site Request Forgery, Small Space of Random Values, Cross-site Scripting, Exposure of Backup file to Unauthorized Control Sphere, Improper Authentication, and Use of Hard-coded Credentials. “Prima Systems FlexAir, Versions 2.3.38

Backups 58

Backups Authentication Advertising Firmware 58