11 - 2018 - :: Deepquest ::

>> D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery

USER: deepcore // 2018-11-10 // 0 CMT

Using a web browser or script server-side request forgery (SSRF) can be initiated against internal/external systems to conduct port scans by leveraging D-LINK’s MailConnect component. The MailConnect feature on D-Link…

>> D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking

USER: deepcore // 2018-11-10 // 0 CMT

D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse “quserex.dll” and will create a new thread running with SYSTEM integrity.

>> http://leamsingha.go.th/king.txt

USER: deepcore // 2018-11-10 // 0 CMT

http://leamsingha.go.th/king.txt notified by ErrOr SquaD

>> http://chanmunic.go.th/king.txt

USER: deepcore // 2018-11-10 // 0 CMT

http://chanmunic.go.th/king.txt notified by ErrOr SquaD

>> http://www.kakoh.go.th/imggallery

USER: deepcore // 2018-11-10 // 0 CMT

http://www.kakoh.go.th/imggallery notified by Yacine_Dexter

>> http://ictg.onwr.go.th/layouts/

USER: deepcore // 2018-11-09 // 0 CMT

http://ictg.onwr.go.th/layouts/ notified by Ayyıldız Tim

>> http://flood.correct.go.th

USER: deepcore // 2018-11-09 // 0 CMT

http://flood.correct.go.th notified by Ayyıldız Tim

>> [shellcode] Linux/x64 – Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

USER: deepcore // 2018-11-09 // 0 CMT

Linux/x64 – Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

>> eToolz 3.4.8.0 Denial Of Service

USER: deepcore // 2018-11-08 // 0 CMT

eToolz version 3.4.8.0 suffers from a denial of service vulnerability.

>> VSAXESS 2.6.2.70 Build 20171226_053 Denial Of Service

USER: deepcore // 2018-11-08 // 0 CMT

VSAXESS version 2.6.2.70 build 20171226_053 suffers from an organization field denial of service vulnerability.