:: Deepquest ::

Strapi CMS 3.0.0-beta.17.4 – Set Password (Unauthenticated) (Metasploit)

WordPress IP2Location Country Blocker plugin version 2.26.7 suffers from a persistent cross site scripting vulnerability.

FLAME II MODEM USB suffers from an unquoted service path vulnerability.

This Metasploit module exploits an authentication bypass in Servisnet Tessa, triggered by add new sysadmin user. The app.js is publicly available which acts as the backend of the application. By exposing a default value for the “Authorization” HTTP header, it is possible to make unauthenticated requests to some areas of the application. Even MQTT (Message […]

This Metasploit module exploits an MQTT credential disclosure vulnerability in Servisnet Tessa. The app.js is publicly available which acts as the backend of the application. By exposing a default value for the “Authorization” HTTP header, it is possible to make unauthenticated requests to some areas of the application. Even MQTT (Message Queuing Telemetry Transport) protocol […]

WBCE CMS version 1.5.2 authenticated remote code execution exploit.

This Metasploit module exploits privilege escalation in Servisnet Tessa triggered by the add new sysadmin user flow with any user authorization. An API request to “/data-service/users/[userid]” with any low-authority user returns other users’ information in response. The encrypted password information is included here, but privilege escalation is also possible with the active sessionid value.

WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.

Korenix Technology JetWave products JetWave 2212X, JetWave 2212S, JetWave 2212G, JetWave 2311, and JetWave 3220 suffer from unauthenticated device administration, cross site request forgery, multiple command injection, and unauthenticated tftp action vulnerabilities.

Voltage SecureMail Server versions prior to 7.3.0.1 suffer from a business logic bypass vulnerability.