This was a relatively light Christmas week for disclosures. We have seven vendor disclosures from Delta Electronics, Eaton (3), Hitachi (2), and Ruckus. We also have four exploits for products from FortiGuard, HP (2), and HPE.
Advisories
Delta Advisory - Delta
published an
advisory that describes a cleartext transmission of sensitive information
in their DVP-12SE PLC.
Eaton Advisory #1 - Eaton published an
advisory that describes an uncontrolled search path vulnerability in their UPS
Companion (EUC) Software.
Eaton Advisory #2 - Eaton published an
advisory that describes two uncontrolled search path element vulnerabilities
in their UPS Companion (EUC) software.
Eaton Advisory #3 - Eaton published an
advisory that describes an improper input validation vulnerability in their
xComfort ECI.
Hitachi Advisory #1 - Hitachi published an
advisory that discusses two vulnerabilities in their Infrastructure
Analytics Advisor and Ops Center Analyzer products.
Hitachi Advisory #2 - Hitachi published an
advisory that discusses 35 vulnerabilities in their Disk Array products.
Ruckus Advisory - Ruckus published an advisory that discusses the Qualcomm U-boot vulnerability.
Exploits
FortiGuard Exploit -
Indoushka published an
exploit for an SQL injection vulnerability in the FortiGuard FortiWeb
Fabric Connector.
HP Exploit #1 - Indoushka published an exploit for a PHP code
injection vulnerability in the HP ProCurve SNAC Domain Controller.
HP Exploit #2 - Indoushka published an exploit for a
credential dumping attack on the HP ProCurve SNAC Domain Controller.
HPE Exploit - Remmons-r7, et al, published a Metasploit
module for a code injection vulnerability in the HPE One View product.
Posts
No comments:
Post a Comment