>> TAG: #0day

ASUS TM-AC1900 – Arbitrary Command Execution (Metasploit)

Citrix ADC NetScaler – Local File Inclusion (Metasploit)

Bludit 3.9.2 – Authentication Bruteforce Bypass (Metasploit)

Touchbase.io 1.10 – Stored Cross Site Scripting

Apache Tomcat – AJP ‘Ghostcat’ File Read/Inclusion (Metasploit)

DigitalPersona 5.1.0.656 ‘DpHostW’ – Unquoted Service Path

SAntivirus IC 10.0.21.61 – ‘SAntivirusIC’ Unquoted Service Path

IDT PC Audio 1.0.6425.0 – ‘STacSV’ Unquoted Service Path

OpenCart Theme Journal 3.1.0 – Sensitive Data Exposure

Water Billing System 1.0 – ‘username’ and ‘password’ parameters SQL Injection