Tuesday , April 20 2021 7:29 PM
Home / Exploits (page 2)

Exploits

Warning: 100+ Tor Nodes Designed to Spy on Hidden Services

Two researchers, Amirali Sanatinia and Guevara Noubir, from Northwestern University, carried out an experiment on the Tor Network for 72 days and discovered at least 110 malicious Tor Hidden Services Directories (HSDirs) on the network. Cory Doctorow explains: These nodes — ordinary nodes, not exit nodes — sorted through all …

Read More »

How Hackers Can Hack Your Chip-and-PIN Credit Cards

Now, a group of French forensics researchers have inspected a real-world case in which criminals played smart in such a way that they did a seamless chip-switching trick with a slip of plastic that it was identical to a normal credit card. The researchers from the École Normale Supérieure University …

Read More »

Multiple XSS security vulnerabilities in the Visual Composer WordPress plugin

There are multiple XSS security vulnerabilities in the Visual Composer WordPress plugin versions prior to 4.7.4 (releases prior to October 2, 2015). Finally WP Bakery, the creators of Visual Composer, who have addressed all identified vulnerabilities and undertaken a code audit to ensure that it is as secure as possible.Developers  whose …

Read More »

Tens of Thousands of Routers, IP Cams Infected by Vigilante Malware

The bot, dubbed by Symantec “Linux.Wifatch,” was first spotted in November 2014 when an independent researcher noticed some interesting processes on his home router. Symantec has been monitoring the threat since March 2015 and the security firm has been trying to solve the mystery of Wifatch ever since. Symantec researchers …

Read More »

Avast Antivirus: X.509 Error Rendering Command Execution

Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means CN="<h1>really?!?!?</h1>" actually works, and is pretty simple to convert into remote code execution. To verify this bug, I've attached a demo certificate for you. Please find attached …

Read More »

Photos in Wifi v1.0.1 iOS

Document Title: =============== Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1600 Release Date: ============= 2015-09-28 Vulnerability Laboratory ID (VL-ID): ==================================== 1600 Common Vulnerability Scoring System: ==================================== 8.6 Product & Service Introduction: =============================== Share the photos and videos of your iPhone/iPad in wifi. Upload photos …

Read More »

Bosch Security Systems – XML Injection

# Exploit Title: Bosch Security Systems – XML Injection – Dinion NBN-498 Web Interface # Date: 01/09/2015 # Exploit Author: neom22 # Vendor Homepage: http://us.boschsecurity.com # Data Sheet: http://resource.boschsecurity.us/documents/Data_sheet_enUS_9007201286798987.pdf # Version: Hardware Firmware 4.54.0026 – Web Interface version is unknown # Tested on: Windows 8.1 – Firefox 40.0.3 # CVE …

Read More »