This is an extension of research on the original findings of CVE-2020-15858 in Telit Cinterion IoT devices. Numerous issues have been discovered including path traversal, Java privilege elevation, AT commands…
http://www.namkrai.go.th notified by Ajoyy
http://www.koisoong.go.th notified by Ajoyy
KodExplorer 4.49 – CSRF to Arbitrary File Upload
Chrome suffers from an issue where the traits for media::mojom::VideoFrame do not perform any validation on the stride and offset parameters when deserializing untrusted message data.
Chrome has an issue where the GL_ShaderBinary is exposed to untrusted processes.
Chrome has an issue where there is an out-of-bounds string copy that can occur when parsing a uniform sampler name in SpvGetMappedSamplerName.
KODExplorer versions 4.49 and below suffer from cross site request forgery and remote shell upload vulnerabilities.
Nokia OneNDS 17 has loose sudo permissions that can allow users to escalate privileges.
Nokia OneNDS 20.9 has loose sudo permissions that can allow users to escalate privileges.