WSDL - API Security Blog

ONVIF Get Device User List

Nessus was able to extract a user list from the ONVIF-enabled device by sending a GetUsers SOAP request to the deviceRead More ...

June 30, 2023

ONVIF Device Information

Nessus was able to extract some information about the ONVIF-enabled device by sending a GetDeviceInformation SOAP request to the device server.Read More ...

June 30, 2023

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL.R ...

June 30, 2023

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation Vulnerabilities

CEMLink 6 suffers from having unrestricted WSDL service access and a weak mechanism for password storage.Read More ...

June 30, 2023

Threat Round Up for December 29 – January 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 29 and January 05. As with previous round-ups, this post isn't meant to be an in-depth analysis. In ...

June 30, 2023

Wanscam HW0021 Administrator Credentials Disclosure

Wanscam HW0021 discloses admin credentials to unauthenticated users.Read More ...

June 30, 2023

NtlmRelayToEWS – Ntlm Relay Attack To Exchange Web Services

[![](https://2.bp.blogspot.com/-sHIUV1BfCXE/W3TdRLJfE_I/AAAAAAAAMKk/huTqSQZ-pxsW5z7EQZHgBLLsr5gYJpOFQCLcBGAs/s640/NtlmRelayToEWS.png)]() **ntlmRelayToEWS** is a tool for performing ntlm relay attacks ...

June 30, 2023

TurboGateé®ä»¶ç½å³æ¼æ´åé

June 30, 2023