The Battle Against Business Logic Attacks: Why Traditional Security Tools Fall Short

As the digital landscape continues to evolve, so do the tactics used by bad actors seeking to exploit application vulnerabilities. Among the most insidious types of attacks are business l ...

CVE-2023-2746

The Rockwell Automation Enhanced HIM software contains an API, used by the application, that is insufficiently protected and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a r ...

Hard-coded credentials in Technicolor TG670 DSL gateway router

### Overview

The Technicolor TG670 DSL Gateway Router includes a hard-coded service account that allows for authentication over services on the WAN interface, using HTTP, SSH, or TELNET. The au ...

What’s New in Rapid7 Detection & Response: Q2 2023 in Review

![What’s New in Rapid7 Detection & Response: Q2 2023 in Review](https://blog.rapid7.com/content/images/2023/07/GettyImages-1128503636.jpg)

We are excited to share another quarter of new Detec ...

CVE-2023-3606

A vulnerability was found in TamronOS up to 20230703. It has been classified as critical. This affects an unknown part of the file /api/ping. The manipulation of the argument host leads to os command ...

XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API

### Impact

The REST API allows executing all actions via POST requests and accepts `text/plain`, `multipart/form-data` or `application/www-form-urlencoded` as content types which can be sent via regul ...

CVE-2023-3271

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpo ...
