2021 September

Backdoor.Win32.VB.awm Authentication Bypass / Information Disclosure

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.VB.awm malware suffers from bypass and information leakage vulnerabilities.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from a cross site request forgery vulnerability. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from a cookie poisoning vulnerability that allows for authentication bypass. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from a configuration download information disclosure vulnerability. Many versions are affected.

Posted by deepcore under exploit (No Respond)

Backdoor.Win32.Wollf.h malware suffers from a code execution vulnerability.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems have hardcoded SSH credentials. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from missing encryption of sensitive information. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from a remote privilege escalation vulnerability. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from authorization bypass and insecure direct object reference vulnerabilities. Many versions are affected.

Posted by deepcore under exploit (No Respond)

ECOA building automation systems suffer from a local file disclosure vulnerability. Many versions are affected.