:: Deepquest ::

>> Backdoor.Win32.Delf.zn Insecure Credential Storage

USER: deepcore // 2022-04-20 // 0 CMT

Backdoor.Win32.Delf.zn malware suffers from an insecure credential storage vulnerability.

>> Backdoor.Win32.GateHell.21 Authentication Bypass

USER: deepcore // 2022-04-20 // 0 CMT

Backdoor.Win32.GateHell.21 malware suffers from an authentication bypass vulnerability.

>> BlueZ Key Theft / bluetoothd Double-Free

USER: deepcore // 2022-04-20 // 0 CMT

BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was also discovered that bluetoothd suffers from a…

>> BlueZ Key Theft / bluetoothd Double-Free

USER: deepcore // 2022-04-19 // 0 CMT

BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was also discovered that bluetoothd suffers from a…

>> [webapps] Scriptcase 9.7 – Remote Code Execution (RCE)

USER: deepcore // 2022-04-19 // 0 CMT

Scriptcase 9.7 – Remote Code Execution (RCE)

>> [webapps] Easy Appointments 1.4.2 – Information Disclosure

USER: deepcore // 2022-04-19 // 0 CMT

Easy Appointments 1.4.2 – Information Disclosure

>> [remote] Zyxel NWA-1100-NH – Command Injection

USER: deepcore // 2022-04-19 // 0 CMT

Zyxel NWA-1100-NH – Command Injection

>> [webapps] WordPress Plugin Motopress Hotel Booking Lite 4.2.4 – SQL Injection

USER: deepcore // 2022-04-19 // 0 CMT

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 – SQL Injection

>> [local] Microsoft Exchange Mailbox Assistants 15.0.847.40 – 'Service MSExchangeMailboxAssistants' Unquoted Service Path

USER: deepcore // 2022-04-19 // 0 CMT

Microsoft Exchange Mailbox Assistants 15.0.847.40 – ‘Service MSExchangeMailboxAssistants’ Unquoted Service Path

>> [local] EaseUS Data Recovery – 'ensserver.exe' Unquoted Service Path

USER: deepcore // 2022-04-19 // 0 CMT

EaseUS Data Recovery – ‘ensserver.exe’ Unquoted Service Path