Improper Restriction of XML External Entity Reference in soa-model

Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...

Continue Reading
FruityWifi Remote Code Execution

Post ContentRead More ...

Continue Reading
F5 Networks BIG-IP : iControl SOAP vulnerability (K59904248)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K5990424 ...

Continue Reading
iControl SOAP vulnerability CVE-2022-29474

A directory traversal vulnerability exists in iControl SOAP that allows an authenticated attacker with at least guest role privileges to read wsdl files in the BIG-IP file system. ([CVE-2022-29474]()) ...

Continue Reading
CVE-2018-18006

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of ...

Continue Reading
Virtuozzo 6 : java-1.7.0-openjdk / java-1.7.0-openjdk-demo / etc (VZLSA-2017-2424)

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. ...

Continue Reading
XXE that can Bypass WAF Protection

by Alex Drozdov, Wallarm Research XXE or XML External Entities is a new issue in the 2017 [OWASP Top 10 vulnerability list](). This is the only new issue of the set that was introduced based on direct ...

Continue Reading
CVE-2018-16803

In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code.Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: