[Ruckus Wireless] Authenticated Stored XSS Vulnerability in Ruckus ZoneFlex R310 (CVE-2020-7234)

#ruckus,#wireless,#research,#zoneflex,#xss

Published on 08 June 2020 at 10:02PM, by s4mnez

The platform used for the administration of Ruckus ZoneFlex R310 access points, version 104.0.0.0.1347, is critically vulnerable to Stored Cross-Site scripting issue.

test

Ver más

[UHP Networks] Multiple Reflected XSS in UHP routers (CVE-2020-7235 - CVE-2020-7236)

#research, #vsat,#satellite,#cve-2020-7236,#cve-2020-7235,#router

Published on 08 June 2020 at 10:00PM, by s4mnez

UHP Networks is a company dedicated to devolping, manufacturing and marketing of VSAT satellite networking equipment. Its main products include various UHP universal satellite routers, where the main application of these devices is broadband, SCADA and multimedia connectivity in large VSAT networks using HTS (High Throughput Satellite).

test

Ver más

[Multitech] Authenticated Remote Code Execution in MultiConnect Conduit devices

#cve-2020-7594,#rce,#research,#iot

Published on 08 June 2020 at 09:54PM, by s4mnez

Multitech Conduit is a configurable, scalable cellular communications gateway for industrial IoT applications, and using a web platform function it's possible to execute remote code due to poor sanitization of a parameter.

test

Ver más

[Kanji] Remote Code Execution in Kanji RTN-KJ-150N Router, JCG JGR-N805R Router, DEK DEK-1705 Router, LINK-NET LW-N605R Router,VINGA WR-N300U Router

#cve, #rce, #research

Published on 28 May 2020 at 09:27PM, by xpl0ited1

After logging in I went to the Management menu, and then clicked on Tools, there are two system commands that can be executed, ping and traceroute, both vulnerable to execute arbitrary commands appending a semicolon before extra command

Ver más

[SMC Networks] Remote Code execution (Authenticated) in SMC D3G0804W Router [CVE-2020-8087]

#cve, #rce, #research

Published on 28 May 2020 at 04:32AM, by H4k1m

SMC Networks is an American Based Company, founded in 1972. The company develops network interface cards (NICs), stackable, dual speed hubs and ethernet switches, now venturing into the world of IoT.

The SMC Networks D3G0804W Router is described as:
"A multimedia Gateway that delivers video, and data for applications such as Home Security and Automation, and IPTV distribution. The Gateway is a versatile and robust all-in-one solutions that makes it ideal for homes and businesses to connect their local-area network (LAN) to the Internet."
--SMC Networks D3G0804W user manual.

poc

Ver más