Security
Headlines
HeadlinesLatestCVEs

Tag

#wifi

Wifi HD Wireless Disk Drive 11 Local File Inclusion

Wifi HD Wireless Disk Drive version 11 suffers from a local file inclusion vulnerability.

Packet Storm
Open in Source
#vulnerability#web#mac#apple#auth#webkit#wifi
Threat Source newsletter (Sept. 1, 2022) — Conversations about an unborn baby's privacy

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  This week marks about 90 days before my wife’s due date with our first child, a baby girl. We’re both incredibly excited and nervous at the same time, and we have much to discuss, like how to lay out the nursery, what times we’ll put her down for a nap and who must be the one to get up the first time she starts crying at 2 a.m.  But the first true argument my wife and I have had about having a child is whether we should show the baby’s face on Instagram.  This child isn’t even born yet, and social media companies are probably already building out a data profile on her. I signed up for the What to Expect app so I could follow along with my wife’s pregnancy progress and learn more about what she’s going through and how the baby is developing. Already I’m getting targeted ads on the app and my Instagram for specific brands of baby food, the stroller that we’ve listed on our registry and an automati...

Interested in Reducing Your Risk Profile? Jamf Has a Solution for That

The threat landscape has changed dramatically over the past decade. While cybercriminals continue to look for new ways to gain access to networks and steal sensitive information, the mobile attack surface is also expanding. Mobile devices are not only becoming more powerful but also more vulnerable to cyberattacks, making mobile security an increasingly important concern for enterprises. This

CVE-2022-37149: iot-vul/Readme.md at main · fxc233/iot-vul

WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows attackers to execute arbitrary commands via the username parameter.

CVE-2022-36560: seiko-skybridge-MB-A200.md

Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded passcodes for root. Attackers are able to access the passcodes at /etc/srapi/config/system.conf and /usr/sbin/ssol-sshd.sh.

CVE-2022-36558: seiko-skybridge-MB-A110.md

Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root account. Attackers are able to access the passcord via the file /etc/ciel.cfg.

CVE-2022-38555: Linksys | Networking & WiFi Technology

Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.

CVE-2022-37086: vuln/H3C/H200/3 at main · Darry-lang1/vuln

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

CVE-2022-37092: vuln/H3C/H200/5 at main · Darry-lang1/vuln

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.