#telnet

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.

A security misconfiguration vulnerability exists in the Zyxel LTE3316-M604 firmware version V2.00(ABMP.6)C0 due to a factory default misconfiguration intended for testing purposes. A remote attacker could leverage this vulnerability to access an affected device using Telnet.

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different campaigns likely conducted by the same threat actor. "Once the vulnerable devices are compromised, they

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.

A command injection vulnerability in the firmware_update command, in the device's restricted telnet interface, allows an authenticated attacker to execute arbitrary commands as root.

**What is the curl open-source project?** Curl is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL". The Windows implementation provides access to the command-line tool, not the library. **What version of curl addresses this CVE?** Curl version 7.87.0 addresses this vulnerability. **Is CVE-2022-43552 going to be addressed in all supported versions of Windows?** Supported versions of Windows will be updated in a future security release after the March 14, 2023 release. This CVE will be updated when the update is available. Use the Security Update Guide Profile to sign up for automatic notifications. **Where can I find more information about this curl vulnerability?** More information can be found at NVD and curl.se **Are there any workarounds that can be implemented?** Preventing the execution of curl.exe is a workaround to be considered Use a WDAC p...

A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which is stored in the component /web_cste/cgi-bin/product.ini.

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet service which is stored in the component /etc/config/product.ini.

By Waqas An OSINT tool is a must for every researcher - In this article, we will explore the 15 best OSINT tools that you can use for your investigations. This is a post from HackRead.com Read the original post: What is an OSINT Tool – Best OSINT Tools 2023