:: Deepquest ::

>> [webapps] MyBB 1.8.29 – MyBB 1.8.29 – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2022-05-11 // 0 CMT

MyBB 1.8.29 – MyBB 1.8.29 – Remote Code Execution (RCE) (Authenticated)

>> [remote] USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 – Remote Root Backdoor

USER: deepcore // 2022-05-11 // 0 CMT

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 – Remote Root Backdoor

>> [webapps] PHProjekt PhpSimplyGest v1.3. – Stored Cross-Site Scripting (XSS)

USER: deepcore // 2022-05-11 // 0 CMT

PHProjekt PhpSimplyGest v1.3. – Stored Cross-Site Scripting (XSS)

>> [webapps] Cyclos 4.14.7 – DOM Based Cross-Site Scripting (XSS)

USER: deepcore // 2022-05-11 // 0 CMT

Cyclos 4.14.7 – DOM Based Cross-Site Scripting (XSS)

>> [webapps] ImpressCMS v1.4.4 – Unrestricted File Upload

USER: deepcore // 2022-05-11 // 0 CMT

ImpressCMS v1.4.4 – Unrestricted File Upload

>> [remote] Ruijie Reyee Mesh Router – Remote Code Execution (RCE) (Authenticated)

USER: deepcore // 2022-05-11 // 0 CMT

Ruijie Reyee Mesh Router – Remote Code Execution (RCE) (Authenticated)

>> [remote] DLINK DIR850 – Insecure Access Control

USER: deepcore // 2022-05-11 // 0 CMT

DLINK DIR850 – Insecure Access Control

>> [remote] SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)

USER: deepcore // 2022-05-11 // 0 CMT

SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)

>> [local] TCQ – ITeCProteccioAppServer.exe – Unquoted Service Path

USER: deepcore // 2022-05-11 // 0 CMT

TCQ – ITeCProteccioAppServer.exe – Unquoted Service Path

>> Printix 1.3.1106.0 Privileged API Abuse

USER: deepcore // 2022-05-10 // 0 CMT

An “Incorrect Use of a Privileged API” vulnerability in PrintixService.exe in Printix’s “Printix Secure Cloud Print Management” versions 1.3.1106.0 and below allows a local or remote attacker the ability change…