SSD Advisory – Dasan Unauthenticated Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Wed, 06 Dec 2017 06:42:29 +0000

Vulnerability Summary The following advisory describes a buffer overflow that leads to remote code execution found in Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 Dasan Networks GPON ONT WiFi Router “is indoor type ONT dedicated for FTTH (Fibre to the Home) or FTTP (Fiber to the Premises) deployments. That … Continue reading SSD Advisory – Dasan Unauthenticated Remote Code Execution

Read more

SSD Advisory – Iceni Infix Multiple Crashes

Credit to Author: SSD / Maor Schwartz| Date: Tue, 13 Jun 2017 11:18:28 +0000

Crashes Summary An independent security researcher has reported 36 different crashes in Iceni Infix. We decided to publish 1 sample out of the 36 crashes – if you want to get the remaining 35 crashes, please contact us via email ssd [at] beyondsecurity (dot) com. “Infix PDF Editor and Infix PDF Editor Pro is popular … Continue reading SSD Advisory – Iceni Infix Multiple Crashes

Read more

SSD Advisory – HPE Intelligent Management Center (iMC) Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Fri, 02 Jun 2017 07:59:35 +0000

Vulnerability Summary The following advisory describes a Stack Buffer Overflow vulnerability found in HPE Intelligent Management Center version v7.2 (E0403P10) Enterprise, this vulnerability leads to an exploitable remote code execution. HPE Intelligent Management Center (iMC) delivers comprehensive management across campus core and data center networks. iMC converts meaningless network data to actionable information to keep … Continue reading SSD Advisory – HPE Intelligent Management Center (iMC) Code Execution

Read more

SSD Advisory – Bitdefender Code Signing organizationName Buffer Overflow

Credit to Author: SSD / Maor Schwartz| Date: Thu, 18 May 2017 05:34:17 +0000

Vulnerability Summary The following advisory describes a Buffer Overflow vulnerability found in Bitdefender Engine PE. Bitdefender provides the Bitdefender “antimalware” engine for integration with other security vendors products. The engine is used in Bitdefender’s own products, for example in Bitdefender Internet Security 2017 and below. The antimalware engine is the core of the product, among … Continue reading SSD Advisory – Bitdefender Code Signing organizationName Buffer Overflow

Read more

SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Credit to Author: Maor Schwartz| Date: Wed, 19 Apr 2017 13:52:33 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Linksys EA, XAC and AC series devices. The vulnerabilities has been found in the way the Linksys devices (EA, XAC and AC series) handle the Point-to-point protocol over Ethernet (PPPoE) Discovery (PPPoED) process allowing an unprivileged active attacker on the same network segment (layer2) … Continue reading SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Read more