:: Deepquest ::

Virus.Win32.Ipamor.c malware suffers from an unauthenticated remote system reboot vulnerability.

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).

Backdoor.Win32.Prorat.ntz malware suffers from a man-in-the-middle vulnerability.

Backdoor.Win32.Prorat.ntz malware suffers from having a weak hardcoded password.

This Metasploit module exploits an SID-based command injection in Sophos UTM’s WebAdmin interface to execute shell commands as the root user.

Apple Security Advisory 2021-10-26-4 – macOS Big Sur 11.6.1 addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

Apple Security Advisory 2021-10-26-5 – Security Update 2021-007 Catalina addresses code execution, integer overflow, out of bounds read, and out of bounds write vulnerabilities.

Apple Security Advisory 2021-10-26-6 – watchOS 8.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2021-10-26-7 – tvOS 15.1 addresses buffer overflow, code execution, cross site scripting, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2021-10-26-8 – Safari 15 addresses bypass, code execution, and use-after-free vulnerabilities.