>> CATEGORY: Security

Grandstream UCM6200 Series CTI Interface – ‘user_password’ SQL Injection

DLINK DWL-2600 – Authenticated Remote Command Injection (Metasploit)

Odin Secure FTP Expert 7.6.3 – ‘Site Info’ Denial of Service (PoC)

Joomla! com_fabrik 3.9.11 – Directory Traversal

Multiple DrayTek Products – Pre-authentication Remote Root Code Execution

ECK Hotel 1.0 – Cross-Site Request Forgery (Add Admin)

Easy RM to MP3 Converter 2.7.3.700 – ‘Input’ Local Buffer Overflow (SEH)

Everest 5.50.2100 – ‘Open File’ Denial of Service (PoC)

TP-Link Archer C50 3 – Denial of Service (PoC)

Centreo 19.10.8 – ‘DisplayServiceStatus’ Remote Code Execution