| Real Name | Gjoko Krstic |
|---|---|
| Email address | private |
| First Active | 2007-07-26 |
| Last Active | 2024-04-18 |
Electrolink FM/DAB/TV Transmitter suffers from an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. It is also vulnerable to account takeover and arbitrary password change.
3531396821530bd27b027935beb5b1f2474e4ce3397185218b36a45664af9f26Electrolink FM/DAB/TV Transmitter suffers from an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except NO to the Login Cookie and have full system access.
f3b6802c80c2e4cb69f633b371d2be514c2309082ed530b0515e8aec53377715Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in controlloLogin.js that can allow security bypass and system access.
70c3b999a4b5275db8acaed179b976a817ce1f31fa0e23701824e4518bde9dedThe Electrolink FM/DAB/TV Transmitter suffers from a disclosure of clear-text credentials in login.htm and mail.htm that can allow security bypass and system access.
c48f747f8c225e4d94444f4ed07ee6455c398bd62f471bedb496b0bc8746b94fRoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT after the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost object in the RoyalTSXNativeUI. When the hostname has an array of around 1600 bytes and the Test Connection is clicked the application crashes instantly.
6bddf02ee202f21877203f81e88ca57213713fa9fe71c747db9f8b293f536b4aTinycontrol LAN Controller version 3 suffers from an insecure access control allowing an unauthenticated attacker to change accounts passwords and bypass authentication gaining panel control access.
b73a4ce4098f2e112550c164020040cd4883a903e72ab85a3eac9af475efe958Tinycontrol LAN Controller version 3 suffers from an issue where an unauthenticated attacker can retrieve the controller's configuration backup file and extract sensitive information that can allow him/her/them to bypass security controls and penetrate the system in its entirety.
4010a70611adf3f6b1b2deae4aa257eb13cae334608ce487ca572842a346f924Tinycontrol LAN Controller version 3 suffers from an unauthenticated remote denial of service vulnerability. An attacker can issue direct requests to the stm.cgi page to reboot and also reset factory settings on the device.
9b6ba51344fefe8dd52543c161ab1ed42968403a056b495c0371ffad0323a48cThe EuroTel ETL3100 TV and FM transmitters suffer from an unauthenticated configuration and log download vulnerability. This will enable the attacker to disclose sensitive information and help him in authentication bypass, privilege escalation and full system access.
16066a6818e6e4e0cbff4c06a01f3d229bdf94f93186113a922c895f6d2698abThe EuroTel ETL3100 transmitter is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access the hidden resources on the system and execute privileged functionalities.
cc86fe1ce248afc0a0a39f2572e3ebbe5c33449e3144ca2a530416b9b690998aEuroTel ETL3100 transmitters use a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system.
01968fa2229cd900e82c526109f7fea321b1e471640bb99f50efbca8c488e208Ateme TITAN File version 3.9 suffers from a server-side request forgery vulnerability that allows for file enumeration.
effb353a9f5359aa01480c360ee3c285aae8e678818f7d46c2f3644e50c4f925Anevia Flamingo XL version 3.2.9 suffers from an SSH sandbox escape via the use of traceroute. A remote attacker can breakout of the restricted environment and have full root access to the device.
d01a03802c6672cc17ac7216582cc0ad2e643d89808e99df7c959276e761db6dAnevia Flamingo XL version 3.6.20 suffers from an authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges.
43b14f668d4cb3067cebaa36c98d98889067ae017e721f40aa4910c9fb7f8585Anevia Flamingo XS version 3.6.5 suffers from an authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges.
53e095bd8aa1c01d2554ab8f1b300973ebf09ad1794d93fb1b09c6ffe2266f09Anevia Flamingo XL/XS versions 3.6.20 and 3.2.9 have a weak set of default and hardcoded administrative credentials that can be easily guessed in remote password attacks and gain full control of the system.
2deadfaf85581a1f50ccbbab6f33e8fcfb1e7bcb2cec62ab73bffe247af5652dScreen SFT DAB 600/C is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this via a specially crafted request to gain access to sensitive information including usernames and source IP addresses.
e3416b7b51b13c8a02e0377d294d6b4b558ba2a448f681c4ee83ec0d4a9214dfScreen SFT DAB 600/C suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.
0775eb59979d4285d81f3e446995dfddd17a03e6b3fb4d0066b5e60a4d94b27aScreen SFT DAB 600/C exploit that circumvents the control and requirement of the admin's old password and directly changes the password.
dfcbdbbd5c02702d5532b7a0e38376e5c9b13dc8b11dcbb24c7816464b0a1048Screen SFT DAB 600/C suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.
e5293775a6d798d227c2626e73ff3e846471a825452ef4ce910c61e4724d48d2Screen SFT DAB 600/C suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.
2848c1fbf6cfd49fdb794989936933fa8921c22fc36b62a88a8e30d1da63c3aaScreen SFT DAB 600/C suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.
1734aa4dedbdbfbce8e975323fff3ec40c7fd2ae37818906ff3811eabf272f54Sielco PolyEco Digital FM Transmitter version 2.0.6 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks to gain full control of the system.
4b06b64589263878904bbae281d9bc23f194bb5f895a3a50d9058978920f6a0eSielco PolyEco Digital FM Transmitter version 2.0.6 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.
8f1daeafa0b883f3bc1384e9d0ca0360450ece2b79076365d95798b698667cd0Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from authentication bypass, account takeover / lockout, and privilege escalation vulnerabilities that can be triggered by directly calling the user object and modifying the password of the two constants user/role (user/admin). This can be exploited by an unauthenticated adversary by issuing a single POST request to the vulnerable endpoint and gain unauthorized access to the affected device with administrative privileges.
1779dd48b3ba2fb604c2b3fe1410c7bc803e1f964aaa62ab3b478868956ced70
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed