[Canvas] Gleg's Agora, SCADA, DefPack updated

Yuriy Gurkin audit at gleg.net
Sun Dec 1 12:13:51 UTC 2019

Hi list,
SCADA 1.96 updates:
- Siemens SICAM A8000 Series Unauthenticated Remote Denial of Service.
 - NetHome 3.0-6ae52 Arbitrary File Upload. [1Day]
 - LabCollector 5.423 - SQL Injection. public

DefPack 1.49  new camera vulns:
 - ZTE ZXHN H108N and its versions info disclose. public
 - XiongMai ip cameras Path Traversal. public
 - Vivotek IP Cameras Credentials Leakage via Path Traversal

Agora 2.95  :
 - Apache Solr 8.2.0 - Remote Code Execution. public
 - MAPLE Computer WBT SNMP Administrator Remote Denial of
Service. public
 - TheSystem 1.0 - Command Injection. public
 - Xitami Web Server 2.5 Remote Crash. public

Happy pentesting,
-Gleg's research team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/canvas/attachments/20191201/036f6520/attachment.html>

More information about the Canvas mailing list