[Canvas] Gleg Agora, SCADA, Def, ZDA updates
YG
audit at gleg.net
Thu Aug 5 17:37:34 UTC 2021
Dear colleagues, new modules available for download.
SCADA 2.16 :
- ioBroker 1.5.14 Directory Traversal Vulnerability. CVE-2019-10767
- OpenPLC 3 Remote Code Execution. pub
- ScadaBR 1.0 Arbitrary File Upload. pub
- SmartPTT Arbitrary File Upload [1Day]
- SmartPTT Information Disclosure [1Day]
Agora 3.15:
- VTENEXT 19 Remote Code Execution [1day]
- CentOS Web Panel idsession root Remote Code Execution. CVE-2021-31324
- GravCMS AdminPlugin 1.10.7 Unauthenticated Arbitrary YAML Write to
RCE. CVE-2021-21425
- Black Ice Software Image SDK any file Delete Vulnerability [1day]
- Codejock Xtreme Suite Pro ActiveX 16.3.1 Retail Remote Code
Execution Vulnerability [1day]
- HexaTech ViewPro ActiveX Report Generator Remote Code Execution
Vulnerability [1day]
DefPack 1.69:
- SolarLog 500 2.8.2 Unprotected Storage of Credentials Vulnerability. pub
- Ambarella Oryx RTSP Server DoS CVE-2020-24918
- IPFire 2.25 Remote Code Execution CVE-2021-33393
- JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Config
ZDA 1.35 extra exploits:
- F5 BIG-IP TMUI Directory Traversal Vulnerability CVE-2020-5902
- Ricon Industrial Cellular Router S9922XL Remote Command Execution. public
- Seagate BlackArmor NAS sg2000-2000.1331 RCE . public
- TG8 Firewall Remote Code Execution. public
Happy pentesting,
Gleg Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list