Security Affairs

MARCH 8, 2020

Netgear has addressed a critical remote code execution vulnerability that could be exploited by an unauthenticated attacker to take over AC Router Nighthawk (R7800) hardware running firmware versions prior to 1.0.2.68. NETGEAR strongly recommends that you download the latest firmware as soon as possible.”

Firmware 114

Firmware Wireless Advertising Authentication 114

Security Affairs

MAY 11, 2023

. “NETGEAR strongly recommends that you download the latest firmware as soon as possible.” ” The vendor addressed the issues in April 2023 with the release of firmware version 1.0.10.94 The remaining ones are authentication bypass and command injection flaws. for the RAX30 router family.

Hacking 94

Hacking Firmware Authentication DNS 94

Security Affairs

JULY 17, 2021

Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment vendor D-Link has released a firmware hotfix to address multiple vulnerabilities affecting the DIR-3040 AC3000-based wireless internet router. ” states the vendor.

Firmware 115

Firmware Wireless Passwords Internet 115

Security Affairs

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware 128

Firmware Authentication Passwords Manufacturing 128

eSecurity Planet

JANUARY 16, 2024

Potential results of the exploits include authentication bypass and command injection. xml through the download portal. January 11, 2024 Smart Thermostat from Bosch Puts Offices in Danger Type of vulnerability: Malicious commands sent from an attacker to the thermostat, including potentially replacing firmware with rogue code.

Firewall 107

Firewall Firmware IoT Authentication 107

CyberSecurity Insiders

NOVEMBER 11, 2021

Ax with firmware 1.04b12 and earlier. NETGEAR DGN2200 devices with firmware through 10.0.0.50. Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.2, Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 7)C0 NAS520 before firmware V5.21(AASZ.3)C0 CVE-2015-2051. v001 / 3.40(ULM.0)b31

Malware 85

Malware IoT Firmware Authentication 85

Malwarebytes

APRIL 4, 2022

Zyxel says the vulnerability, listed as CVE-2022-0342 , is an authentication bypass vulnerability caused by the lack of a proper access control mechanism, which has been found in the CGI program of some firewall versions. The flaw could allow an attacker to bypass the authentication and obtain administrative access of the device.

Firewall 83

Firewall Firmware VPN Authentication 83

Security Affairs

AUGUST 31, 2020

Hackers target QNAP NAS devices running multiple firmware versions vulnerable to a remote code execution (RCE) flaw addressed by the vendor 3 years ago. QNAP addressed the vulnerability with the release of firmware version 4.3.3 The researchers discovered that the issue resides in the CGI program. /httpd/cgi-bin/authLogout.cgi.

Firmware 117

Firmware Advertising Malware Internet 117

Security Affairs

DECEMBER 12, 2020

“Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the device remotely.” NI recommends the following steps for mitigation: Download the NI CompactRIO 20.5 Update the firmware on CompactRIO controllers to v8.5

Firmware 84

Firmware Manufacturing Software Authentication 84

Malwarebytes

NOVEMBER 18, 2021

Authentication is not required to exploit this vulnerability. But a list of product models and the required firmware version can be found in the Netgear security advisory. Netgear strongly recommends that you download the latest firmware as soon as possible. Click Downloads. How to make sure you are safe.

Firmware 70

Firmware Internet Internet Mobile 70

Security Affairs

DECEMBER 23, 2018

The flaw was discovered by experts at Tenable that explained that an authenticated remote unprivileged user can change or download the running configuration or replace the appliance firmware where they shouldn’t. ” reads the security advisory published by Cisco. ” reads analysis from Tenable.

Firmware 111

Firmware Authentication Software Advertising 111

Security Affairs

DECEMBER 27, 2021

The researchers performed reverse engineering of the firmware image for the COMpact 5500, version 7.8A that was downloaded from the Auerswald support website. “Equipped with this password we then could authenticate successfully. “Firmware Update 8.2B

Firmware 90

Firmware Manufacturing Passwords Penetration Testing 90

SecureList

JUNE 20, 2023

The findings of the study reveal a number of serious security issues, including the use of hard-coded credentials, and an insecure firmware update process. We later managed to extract the firmware from the EEPROM for further static reverse engineering. Further hardware analysis of the circuit board helped us identify chips.

Firmware 92

Firmware Passwords Manufacturing Mobile 92

eSecurity Planet

MAY 27, 2024

GitHub Enterprise Server and GitLab patched their authentication bypass and XSS issues. Immediately update your QNAP devices to the most recent firmware to mitigate these issues. Check for future updates and be cautious while sharing download links to avoid exploitation. 3.11.10, 3.10.12, and 3.9.15.

Backups 64

Backups Authentication DDOS Engineering 64

SecureList

SEPTEMBER 29, 2022

In 2020, CVE-2020-28212 , a vulnerability affecting this software, was reported, which could be exploited by a remote unauthorized attacker to gain control of a PLC with the privileges of an operator already authenticated on the controller. The procedure acts as authentication. In firmware versions prior to 2.7

Firmware 88

Firmware Passwords Authentication Engineering 88

Security Affairs

APRIL 25, 2021

“The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Unfortunately, experts noticed that more than 90% of the installs are still using flawed firmware versions and have yet to install the security updates (V3.01.21) provided by the vendor.

Firmware 109

Firmware Passwords Authentication Wireless 109

eSecurity Planet

JANUARY 22, 2024

The problem: The Unified Extensible Firmware Interface (UEFI) specification has an open-source network implementation, EDK II, with nine discovered vulnerabilities. The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. EPMM versions 11.10, 11.9

Authentication 111

Authentication Malware VPN Mobile 111

eSecurity Planet

SEPTEMBER 11, 2023

Alarmingly, this API lacks any form of authentication, allowing virtually anyone, even a malicious website you might visit, to send commands to the CLI. They can be remotely exploited without authentication, potentially enabling remote code execution, service disruptions, and arbitrary operations on the routers. via port 8076.

VPN 111

VPN Firmware Authentication Phishing 111

Security Affairs

AUGUST 27, 2021

This information is being shared as part of a coordinated disclosure with ICS-CERT, which published advisory ICSA-21-238-02 , and with the vendor, Annke, which has released firmware that fixes the issue.” The experts performed reverse engineering of the firmware to fully unrestricted SSH access. – Source Nozomi.

Surveillance 99

Surveillance Hacking Firmware Manufacturing 99

eSecurity Planet

OCTOBER 24, 2023

Be Careful with Downloads Downloads are one of the surest ways to introduce malware into your system. Look for Reliable Sources: Download software only from reputable sources and official websites. In the wrong hands, even an Office doc can be dangerous, so always know the source of any download.

Malware 120

Malware Antivirus Software Passwords 120

Malwarebytes

AUGUST 25, 2023

is related to incorrect authentication of the bulb, which means the device can be impersonated, allowing for Tapo password theft and device manipulation. Strong passwords, multi-factor authentication, even turning off products that won't be in use for a significant period of time. One vulnerability, with a CVSS score of 7.6

Passwords 98

Passwords Risk IoT Firmware 98

Security Affairs

MARCH 21, 2020

Multiple, if not all, Zyxel NAS products running firmware versions up to 5.21 are vulnerable to this pre-authentication command injection vulnerability. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. The vendor advisory is also available. reads the advisory published by CERT/CC.

DDOS 102

DDOS Authentication Advertising Firmware 102

Krebs on Security

APRIL 26, 2019

iLnkP2P is designed to allow users of these devices to quickly and easily access them remotely from anywhere in the world, without having to tinker with one’s firewall: Users simply download a mobile app, scan a barcode or enter the six-digit ID stamped onto the bottom of the device, and the P2P software handles the rest.

IoT 269

IoT Firewall Manufacturing Computers and Electronics 269

SecureWorld News

AUGUST 17, 2023

Citrix ShareFile (also known as Citrix Content Collaboration) is a managed file transfer SaaS cloud storage solution that allows customers and employees to upload and download files securely. CISA's alert went out August 16th. 10, which could allow unauthenticated attackers to compromise customer-managed storage zones.

Firmware 79

Firmware CISO Data breaches Software 79

SecureList

OCTOBER 25, 2023

The infection The first detected shellcode was located within the WININIT.EXE process, which has the ability to download binary files from bitbucket[.]org Notably, the Downloads folder, which would normally contain compiled project binaries, contains five binary files: delta.dat , delta.img , ota.dat , ota.img , and system.img.

Malware 114

Malware DNS Encryption Cryptocurrency 114

Malwarebytes

MARCH 9, 2022

As an authenticated user, the attacker could attempt to trigger malicious code in the context of the server’s account through a network call. So the attacker needs some form of authentication to exploit this vulnerability. The attacker needs to be authenticated to exploit the vulnerability. Very much the same as the above.

Authentication 98

Authentication Firmware Accountability 98

Malwarebytes

SEPTEMBER 7, 2021

In a security advisory , NetGear has announced it has fixed three vulnerabilities in firmware updates for several network devices. The vulnerability can lead to an authentication bypass which would allow the attacker to change the admin’s password (among other things), which would obviously result in a full compromise of the device.

Firmware 62

Firmware Passwords Authentication Internet 62

SecureWorld News

OCTOBER 8, 2023

Make it a habit to reboot devices often, ensuring that downloaded updates are activated. Additionally, be cautious when adding new friends; verify their authenticity through known offline connections. Use the administrator account only for maintenance, software installation, or firmware updates.

Firmware 87

Firmware IoT Accountability Passwords 87

SecureList

JUNE 8, 2022

Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). Distribution of router vulnerabilities by priority, 2021 ( download ). Make sure to update the firmware. Conclusion.

DDOS 96

DDOS Passwords IoT Firmware 96

Security Boulevard

NOVEMBER 10, 2022

The industrial automation giant ABB addressed the flaw with the release of firmware updates on July 14, 2022. The researchers initially discovered an authentication bypass issue, then explored the systems looking at functionalities available to authenticated users such as uploading and downloading configuration files.

Firmware 98

Firmware Authentication Passwords Manufacturing 98

Daniel Miessler

MAY 14, 2020

Keep your firmware and software updated. Enable two-factor authentication on all critical accounts. For your most important accounts—such as those controlling your email account, your bank, and your mobile phone account—you should enable two-factor authentication. Everything. Setting up Google 2FA.

Risk 345

Risk Password Management Passwords Accountability 345

Pen Test Partners

OCTOBER 9, 2023

There is no concrete method to follow as it will rely on contents of the decomposed design from Step 2, but typical examples might include the following: Intellectual property in the device firmware. Deploy malicious firmware. link] [link] Have a software/firmware update mechanism. Cryptographic keys on the device or pod.

IoT 52

IoT Firmware Mobile Manufacturing 52

Security Affairs

OCTOBER 3, 2018

A typical attack scenario to gain this information sees attackers to luring an authenticated NAS user by tricking it into visiting a specially crafted malicious website. Lenovo confirmed that firmware versions 4.1.402.34662 and earlier are vulnerable, users have to download firmware version 4.1.404.34716 (or later).

Hacking 80

Hacking Firmware Advertising Backups 80

SecureList

FEBRUARY 27, 2024

However, we decided not to update the toy immediately in order to explore what could be extracted from the older firmware version. ADB Activation We analyzed the configuration files contained in the firmware memory chip and found a setting called “ENABLE_ADB=N.” This was the first security-related issue we discovered.

Education 90

Education Manufacturing Firmware Internet 90

eSecurity Planet

OCTOBER 1, 2021

28 NSA-CISA document (PDF download) urges buyers to use standards-based VPNs from vendors with a track record of swiftly addressing known vulnerabilities and using strong authentication credentials. Examine whether a product offers strong authentication credentials and protocols by default, as opposed to weak credentials and protocols.

VPN 107

VPN Authentication Passwords Software 107

eSecurity Planet

MARCH 30, 2023

Additionally, FortiNAC can enforce company policies on device patching and firmware version. FortiNAC is integrated with FortiGate and other Fortinet products.

IoT 98

IoT Firewall Wireless Mobile 98

SecureList

MAY 23, 2022

An attacker that can carry out a MitM attack will be able to overwrite tag statuses, the program being downloaded to the device, or authentication data. Since authentication data is encrypted with a preset symmetric key, the attacker could decrypt an intercepted target (device) password.

Architecture 82

Architecture Authentication Passwords Encryption 82