[Canvas] Gleg updates - recovering from crisis release
audit at gleg.net
audit at gleg.net
Tue Jun 30 15:43:17 UTC 2020
Hello dear colleagues, new updates are available for download:
Please NOTE: we are moving to new main distribution server, so you
will receive soon new credentials for that. Also helpful news for
those clients which had end-of-support period during COVID hit (
March-May ): your subscription will be extended till end of July to
help all of us fight crisis.
1.56 DefPack :
- WatchGuard Fireware AD Helper Component Credential Disclosure. pub
- TP-LINK router TL-WR940N - Buffer Overflow. CVE-2019-6989
- Master IP CAM 01 3.3.4.2103 Remote Command Execution. CVE-2019-8387
ZDA 1.24 0Days+:
- CharruaPACS CS011 PACS Server DirTrav [0day]
- Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection
- Rukovoditel Project Management CRM 2.6 infoleak. [0day]
- Conquest DICOM Server software 1.5.0 Denial of Service. [0day]
SCADA 2.03:
- OpenScada Password Hash Login. [1Day]
- OpenScada Command Execution. [1Day]
Agora 3.02:
- Zen Load Balancer 3.10.1 - Directory Traversal. pub
- LimeSurvey 4.1.11 - Path Traversal CVE-2020-11455
- Gila CMS 1.11.8 - 'query' SQL Injection CVE-2020-5515
- CuteNews 2.1.2 - Remote Code Execution CVE-2019-11447
- Centreon 19.10.8 Command injection. pub
Stay healthy and happy pentesting,
-Gleg's research team
More information about the Canvas
mailing list