Full Disclosure

A public, vendor-neutral forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. More importantly, fresh vulnerabilities sometimes hit this list many hours or days before they pass through the Bugtraq moderation queue.

Posted by SEC Consult Vulnerability Lab on Apr 22

SEC Consult Vulnerability Lab Security Advisory < 20210422-0 >
=======================================================================
title: Stored Cross Site Scripting (Outdated software library)
product: BMD BMDWeb 2.0
vulnerable version: BMD versions prior to 24.01.21
fixed version: 24.01.21 and 24.02.11 or higher
CVE number: –
impact: High
homepage: https://www.bmd.com/

Posted by Imre Rad on Apr 19

The Microsoft (R) Diagnostics Hub Standard Collector Service is a
default component of Microsoft Windows operating system. This report
is about a flaw in the Diagnostics Hub Standard Collector Service DCOM
class that is available to all users of the OS (includes NT
AUTHORITY\Authenticated Users).
The service was vulnerable to directory traversal which could lead
data tampering and dropping files to arbitrary directories with
overall impact of…

Posted by Takeshi Shiomitsu on Apr 19

IoT Inspector Research Lab Security Advisory IOT-20210414-0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
title: Cisco RV series Authentication Bypass and Remote Command
Execution
vendor/product: Cisco (https://www.cisco.com/)
vulnerable version: RV16X/RV26X: 1.0.01.02 & below.
RV34X: 1.0.03.20 & below.
fixed version: RV16X/RV26X:…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/c58d5aecd223ac95ae5fab6dcd69e953.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.hsm
Vulnerability: Insecure Permissions
Description: Agent.hsm creates an insecure dir named "LOL" under c:\ drive
and grants change (C) permissions to the authenticated user group. Standard
users can rename the…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/db45a906a0a3747398b2b8a5faff5e44.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Constructor.Win32.Bifrose.ag
Vulnerability: Local Stack Buffer Overflow
Description: Bifrost crypted by Dr.G3NIUS, doesn't properly validate the IP
address when importing Bifrost settings (.set) files. The IP address offset
is located after a…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/d7648b676dd139d1b7ba781816726510.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Backdoor.Win32.Generic
Vulnerability: Unauthenticated Open Proxy
Description: The backdoor creates a Windows service backed by an executable
named "1314.exe", it lives under C:\WINDOWS and listens on TCP ports 1080
and 8080….

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2f3f0e9be7edb73e545fc49b5a78b4f0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Bayrob.dtrg
Vulnerability: Insecure Permissions
Description: Bayrob.dtrg creates an insecure dir named "mnfqzckna0dkc"
under c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/2992b86d03c3922ed45fa09ef105f018.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan-Dropper.Win32.Agent.bjtzcp
Vulnerability: Insecure Permissions
Description: Agent.bjtzcp creates an insecure dir named "Isrimss2018" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/9fff4c02274c0162880844f27ff91407.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.NanoBot.onh
Vulnerability: Insecure Permissions
Description: NanoBot.onh creates an insecure dir named "AppData" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/d4ac133a9df0c627f899bb6039d04215.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agentb.iofv
Vulnerability: Insecure Permissions
Description: Agentb.iofv creates an insecure dir named "drivr" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/55feab480a43727c8a08feb7344afb4a.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Zombam.h
Vulnerability: Remote Stack Buffer Overflow
Description: Zombam.h HTTP RAT v01.b by z0mbie, creates a backdoor file
named "httpserver.exe" that listens on TCP port 80. Attackers who can reach
the backdoor can send…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: HEUR.Hoax.Win32.FrauDrop.gen
Vulnerability: Insecure Permissions
Description: FrauDrop.gen creates an insecure dir named "newdnswatch" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/a2017b547da2f06c6d7c02398cc481f6.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Agent.zfgh
Vulnerability: Insecure Permissions
Description: Agent.zfgh creates an hidden insecure dir named "drv" under
c:\ drive and grants change (C) permissions to the authenticated user
group. Standard users can rename…

Posted by malvuln on Apr 19

Discovery / credits: Malvuln – malvuln.com (c) 2021
Original source:
https://malvuln.com/advisory/982479ad10ff048d566516254051e17e.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Trojan.Win32.Jorik.qje
Vulnerability: Insecure Permissions
Description: Jorik.qje creates an insecure dir named "oDetnlQD" under c:\
drive and grants change (C) permissions to the authenticated user group.
Standard users can rename the…

Posted by research on Apr 19

IoT Inspector Research Lab Advisory IOT-20210408-0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~

title: Multiple vulnerabilities

vendor/product: Fibaro Home Center Light / Fibaro Home Center 2

https://www.fibaro.com/

vulnerable version: 4.600 and older

fixed version: 4.610

CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,…