This vulnerability gives the CVSS score of 10/10, meaning it could result in unpatched users to be completely compromised. The issue is in the TMUI configuration utility and can be exploited by unauthenticated remote attackers via sending a malicious HTTP request to the vulnerable server. In June, there were over 8000 vulnerable devices that were […]
Two CVE’s (2020-9497 and 2020-9498) have been announced in the Apache Guacamole service. Successful exploitation of these vulnerabilities would allow an attacker to hijack a session on the host device or steal credentials. These vulnerabilities have been highlighted in version 1.1.0 of Guacamole. This version of the software should be updated to the latest version […]
Over 2,500 vulnerable devices from Geovision have a backdoor due to a weak default password “admin”. This can lead to these devices being remotely compromised. As a best practice, ensure all root passwords are complex and are not set to the default value. Other flaws include allowing unauthenticated attackers to access system logs, using hardcoded […]
Those who are using old D-Link routers might not able to work from home and are opening themselves for malicious attacks. This due to a vulnerability in those D-Link routes that allows attackers to inject commands and cause DoS. Users of those vulnerable old routers won’t be able to upgrade its firmware as it’s no […]