:: Deepquest ::

>> Fiberhome AN5506-02-B Cross Site Scripting

USER: deepcore // 2022-08-12 // 0 CMT

Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.

>> http://www.yangngam.go.th/index.php

USER: deepcore // 2022-08-12 // 0 CMT

http://www.yangngam.go.th/index.php notified by ./Niz4r

>> http://www.tungluang.go.th/index.php

USER: deepcore // 2022-08-12 // 0 CMT

http://www.tungluang.go.th/index.php notified by ./Niz4r

>> http://www.sajorakhea.go.th/index.php

USER: deepcore // 2022-08-12 // 0 CMT

http://www.sajorakhea.go.th/index.php notified by ./Niz4r

>> https://www.secpt.go.th

USER: deepcore // 2022-08-12 // 0 CMT

https://www.secpt.go.th notified by ./Niz4r

>> http://www.bankruatcity.go.th/index.php

USER: deepcore // 2022-08-12 // 0 CMT

http://www.bankruatcity.go.th/index.php notified by ./Niz4r

>> Fiberhome AN5506-02-B Cross Site Scripting

USER: deepcore // 2022-08-11 // 0 CMT

Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.

>> Sophos XG115w Firewall 17.0.10 MR-10 Authentication Bypass

USER: deepcore // 2022-08-11 // 0 CMT

Sophos XG115w Firewall version 17.0.10 MR-10 suffers from an authentication bypass vulnerability.

>> AirSpot 5410 0.3.4.1-4 Remote Command Injection

USER: deepcore // 2022-08-11 // 0 CMT

AirSpot 5410 versions 0.3.4.1-4 and below suffer from an unauthenticated remote command injection vulnerability.

>> Zimbra zmslapd Privilege Escalation

USER: deepcore // 2022-08-11 // 0 CMT

This Metasploit module exploits CVE-2022-37393, which is a vulnerability in Zimbra’s sudo configuration that permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part…