[Canvas] Gleg Agora, SCADA, Def updates
YG
audit at gleg.net
Thu May 13 17:11:48 UTC 2021
Dear colleagues, new modules available for download.
2.13 SCADA+ :
- Beckhoff CP-Link 3 1.7.31.0 CplGfxClient Denial of Service. [1Day]
- Fernhill SCADA Server Denial of Service. [1Day]
- Merz MScada Server 2.1.15269.5804 Denial of Service. [1Day]
- WebHMI 4.0.7348 Persistent Cross-Site Scripting. [1Day]
1.66 DefPAck:
- Dell KACE Systems Management Appliance (K1000) Unauthenticated RCE. pub
- D-LINK DIR-610 Authenticated RCE. CVE-2020-9377
- D-LINK DIR-610 Info Disclosure. CVE-2020-9376
- AndroVideo Advan VD-1 Password Disclosure. CVE-2019-11064
Agora 3.12:
- Apache 2.4.7 mod_status Denial of Service. pub
- Apache Druid <0.20.1 Remote Code Execution. CVE-2021-25646
- Apache Unomi 1.5.1 Remote code execution CVE-2020-13942
- Batflat CMS 1.3.6 - Remote Code Execution CVE-2020-35734
Happy pentesting,
Gleg`s Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list