Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

## Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP5. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.2. The following 3rd ...

Continue Reading
Ricoh myPrint 2.9.2.4 – Hard-Coded Credentials

Ricoh myPrint 2.9.2.4 - Hard-Coded CredentialsRead More ...

Continue Reading
SAP Unauthenticated WebService User Creation

This module leverages an unauthenticated web service to submit a job which will create a user with a specified role. The job involves running a wizard. After the necessary action is taken, the job is ...

Continue Reading
Kentico CMS Staging SyncServer Unserialize Remote Command Execution

This module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote Command Execution is possible via unauthenticated XML requests to the Staging Service SyncServer.a ...

Continue Reading
Schneider Electric Pelco Endura NET55XX Encoder

This module exploits inadequate access controls within the webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NE ...

Continue Reading
Ricoh myPrint 2.9.2.4 – Hard-Coded Credentials

Post ContentRead More ...

Continue Reading
FruityWifi Remote Code Execution Exploit

This is an exploit for FruityWifi that binds a shell to tcp port 4444 using a remote code execution vulnerability leveraged via a SOAP request.Read More ...

Continue Reading
Improper Restriction of XML External Entity Reference in soa-model

Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...

Continue Reading

Back to Main

Subscribe for the latest news: