:: Deepquest ::

Trend Micro OfficeScan 11.0/XG (12.0) – Information Disclosure

[eZine] i sh0t the white hat 1

[eZine] i sh0t the white hat 2

[eZine] i sh0t the white hat 3

LAquis SCADA 4.1.0.2385 – Directory Traversal (Metasploit)

Kaltura versions 13.1.0 and below suffer from code execution and cross site scripting vulnerabilities.

BlueBorne BlueTooth buffer overflow proof of concept exploit that causes a denial of service vulnerability on Linux kernels prior to 4.13.1.

This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root. […]

FLIR FC-S/PT series suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user.

FLIR Camera PT-Series suffers from multiple unauthenticated remote command injection vulnerabilities. The vulnerability exist due to several POST parameters in controllerFlirSystem.php script when calling the execFlirSystem() function not being sanitized when using the shell_exec() PHP function while updating the network settings on the affected device. This allows the attacker to execute arbitrary system commands as […]