Security – Page 139 – :: Deepquest ::

>> [local] ASUS DisplayWidget Software 3.4.0.036 – 'ASUSDisplayWidgetService' Unquoted Service Path

USER: deepcore // 2021-06-22 // 0 CMT

ASUS DisplayWidget Software 3.4.0.036 – ‘ASUSDisplayWidgetService’ Unquoted Service Path

>> [local] iFunbox 4.2 – 'Apple Mobile Device Service' Unquoted Service Path

USER: deepcore // 2021-06-21 // 0 CMT

iFunbox 4.2 – ‘Apple Mobile Device Service’ Unquoted Service Path

>> [local] Wise Care 365 5.6.7.568 – 'WiseBootAssistant' Unquoted Service Path

USER: deepcore // 2021-06-21 // 0 CMT

Wise Care 365 5.6.7.568 – ‘WiseBootAssistant’ Unquoted Service Path

>> [remote] Solaris SunSSH 11.0 x86 – libpam Remote Root (3)

USER: deepcore // 2021-06-21 // 0 CMT

Solaris SunSSH 11.0 x86 – libpam Remote Root (3)

>> [webapps] OpenEMR 5.0.1.7 – 'fileName' Path Traversal (Authenticated)

USER: deepcore // 2021-06-21 // 0 CMT

OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)

>> [webapps] Node.JS – 'node-serialize' Remote Code Execution (3)

USER: deepcore // 2021-06-18 // 0 CMT

Node.JS – ‘node-serialize’ Remote Code Execution (3)

>> [remote] Dlink DSL2750U – 'Reboot' Command Injection

USER: deepcore // 2021-06-18 // 0 CMT

Dlink DSL2750U – ‘Reboot’ Command Injection

>> [webapps] ICE Hrm 29.0.0.OS – 'xml upload' Stored Cross-Site Scripting (XSS)

USER: deepcore // 2021-06-18 // 0 CMT

ICE Hrm 29.0.0.OS – ‘xml upload’ Stored Cross-Site Scripting (XSS)

>> [webapps] ICE Hrm 29.0.0.OS – 'Account Takeover' Cross-Site Request Forgery (CSRF)

USER: deepcore // 2021-06-18 // 0 CMT

ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Request Forgery (CSRF)

>> [webapps] ICE Hrm 29.0.0.OS – 'Account Takeover' Cross-Site Scripting and Session Fixation

USER: deepcore // 2021-06-18 // 0 CMT

ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Scripting and Session Fixation