Security
Headlines
HeadlinesLatestCVEs

Source

Zero Science Lab

Akuvox Smart Intercom/Doorphone Unauthenticated Stream Disclosure

The application suffers from an unauthenticated live stream disclosure when requesting video.cgi endpoint on port 8080.

Zero Science Lab
Open in Source
#auth
Deep Sea Electronics DSE855 Remote Authentication Bypass

The device is vulnerable to configuration disclosure when direct object reference is made to the Backup.bin file using an HTTP GET request. This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.

Aquatronica Control System 5.1.6 Passwords Leak Vulnerability

The device suffers from an unauthenticated device configuration and client-side hidden functionality disclosure.

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

The device suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Config

The device suffers from an unauthenticated device configuration and client-side hidden functionality disclosure.

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass

The device suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config

The device suffers from an unauthenticated device configuration and client-side hidden functionality disclosure.

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

The device suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config

The device suffers from an unauthenticated device configuration and client-side hidden functionality disclosure.

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

The device suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.