:: Deepquest ::

>> Trojan-Dropper.Win32.Agent.xtp Insecure Permissions

USER: deepcore // 2021-04-22 // 0 CMT

Trojan-Dropper.Win32.Agent.xtp malware suffers from an insecure permissions vulnerability.

>> Backdoor.Win32.DarkKomet.artr Insecure Permissions

USER: deepcore // 2021-04-22 // 0 CMT

Backdoor.Win32.DarkKomet.artr malware suffers from an insecure permissions vulnerability.

>> OTRS 6.0.1 Remote Command Execution

USER: deepcore // 2021-04-22 // 0 CMT

OTRS version 6.0.1 remote command execution exploit.

>> Packed.Win32.Black.d Unauthenticated Open Proxy

USER: deepcore // 2021-04-22 // 0 CMT

Packed.Win32.Black.d malware has an unauthenticated open proxy vulnerability.

>> BMD BMDWeb 2.0 Cross Site Scripting

USER: deepcore // 2021-04-22 // 0 CMT

BMD BMDWeb 2.0 versions prior to 24.01.21 suffer from persistent cross site scripting vulnerabilities.

>> [webapps] CMS Made Simple 2.2.15 – 'title' Cross-Site Scripting (XSS)

USER: deepcore // 2021-04-22 // 0 CMT

CMS Made Simple 2.2.15 – ‘title’ Cross-Site Scripting (XSS)

>> [webapps] OTRS 6.0.1 – Remote Command Execution (2)

USER: deepcore // 2021-04-22 // 0 CMT

OTRS 6.0.1 – Remote Command Execution (2)

>> Cisco RV Authentication Bypass / Code Execution

USER: deepcore // 2021-04-21 // 0 CMT

Cisco RV-series routers suffer from an authentication bypass vulnerability. The RV34X series are also affected by a command injection vulnerability in the sessionid cookie, when requesting the /upload endpoint. A…

>> Phone Shop Sales Management System 1.0 Shell Upload

USER: deepcore // 2021-04-21 // 0 CMT

Phone Shop Sales Management System version 1.0 suffers from a remote shell upload vulnerability.

>> Fibaro Home Center MITM / Missing Authentication / Code Execution

USER: deepcore // 2021-04-21 // 0 CMT

Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities.