[Canvas] Gleg Agora, SCADA, Def, ZDA exploit packages updates
YG
audit at gleg.net
Tue Jul 13 10:10:05 UTC 2021
Dear colleagues, new modules available for download.
SCADA 2.15 :
- GLPI 9.5 Unauthenticated Info Disclosure [1Day]
- GLPI 9.5 apirest Auth Bypass [1Day]
- MICROSYS PROMOTIC 9.0.15.2 SCADA Remote File Owerwrite [1Day]
- Movicon 11.6 Scada/HMI platform Directory Traversal [1Day]
- Simp Light Scada Directory Traversal [1Day]
Agora 3.14:
- Windows IIS Server Denial of Service. CVE-2021-31166
- Apache Airflow 1.10.10 - Remote Code Execution. CVE-2020-11978,
CVE-2020-13927
- Chamilo LMS 1.11.14 - Remote Code Execution CVE-2021-31933
- FOGProject 1.5.9 - File Upload RCE (Authenticated)
- Hasura GraphQL 1.3.3 - Local File Read
- Hasura GraphQL 1.3.3 Remote Code Execution
DefPack 1.68:
- ZBL EPON ONU Broadband Router Configuration Download. pub
- DD-WRT 45723 UPNP Buffer Overflow. pub
- Beward B4230 IP Camera Info Disclosure [1Day]
- Beward B4230 IP Camera Privilege Escalation [1Day]
ZDA 1.34:
- Adroit SCADA Remote File Create Vulnerability [0Day]
- Brainchild Electronic Panel Studio Generated Projects Network
Denial of Service [0Day]
- GLPI 9.5 Unauthenticated Password Change PoC [0Day]
- LEADTOOLS IltmmCapture 17.5 Arbitrary File Overwrite Vulnerability [0Day]
- Saia Burgess Controls PG5 Remote File Create Vulnerability [0Day]
Happy pentesting,
Gleg Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list