#git

Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr prior to 18.0.

Red Hat—the world’s leading provider of open source solutions—is excited to announce the successful completion of the Infosec Registered Assessors Program (IRAP) assessment of Red Hat OpenShift Service on AWS (ROSA). IRAP is managed by the Australian Signals Directorate (ASD). ASD endorses qualified cybersecurity professionals to provide relevant security assessment services which aim to secure broader industry and Australian government systems and data. The IRAP assessment rigorously evaluated ROSA controls and has provided assurance that ROSA aligns with the Australian Information S

The device allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. The MPFS2 file system module provides a light-weight read-only file system that can be stored in external EEPROM, external serial Flash, or internal Flash program memory. This file system serves as the basis for the HTTP2 web server module, but is also used by the SNMP module and is available to other applications that require basic read-only storage capabilities. This can be exploited to overwrite the flash program memory that holds the web server's main interfaces and execute arbitrary code.

The transmitter is suffering from a Denial of Service (DoS) scenario. An unauthenticated attacker can reset the board as well as stop the transmitter operations by sending one GET request to the command.cgi gateway.

The device allows an unauthenticated attacker to bypass authentication and modify the Cookie to reveal hidden pages that allows more critical operations to the transmitter.

The application suffers from a privilege escalation vulnerability. An attacker can escalate his privileges by poisoning the Cookie from GUEST to ADMIN to effectively become Administrator or poisoning to ZSL to become Super Administrator.

The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account takeover and arbitrary password change.

The transmitter is vulnerable to an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except 'NO' to the Login Cookie and have full system access.

The device is vulnerable to a disclosure of clear-text credentials in controlloLogin.js that can allow security bypass and system access.

The device is vulnerable to a disclosure of clear-text credentials in login.htm and mail.htm that can allow security bypass and system access.