[Canvas] Gleg updates

audit at gleg.net audit at gleg.net
Sun Mar 29 08:31:19 UTC 2020

new modules.

  ZDA new 0days:
  - WatchGuard Fireware AD Helper Component - Credential  
Disclosure. public
  - UCanCode Visualization Suite 2020 ActiveX File Overwrite  
Vulnerability. [0Day]
  - Mozilla WebThings 0.10.0 Arbitrary File Delete. [0Day]
  - Inductive Automation Ignition 8.0.7 - Arbitrary File Upload. [0Day]

  Agora 2.98:
  - OpenSMTPD 6.6.2 Remote Code Execution. CVE-2020-7247
  - MyDomoAtHome (MDAH) REST API Domoticz ISS Gateway 0.2.40  
Information Disclosure. public
  - IBM InfoPrint 4247-Z03 Impact Matrix Printer Directory Traversal. public
  - Dairy Farm Shop Management System 1.0 -  SQL Injection. public

  Def 1.52:
  - Microtik SSH Daemon 6.44.3 Denial of Service. public
  - F-Secure Internet Gatekeeper 5.40 Heap Overflow. public
  - Enigma NMS 65.0.0 Remote OS Command Injection. CVE-2019-16072
  - ClamAV 0.102.0 Code Execution Vulnerability. public

  Scada 1.99:
  - MajorDoMo 1.2.0b Command Injection. [1Day]
  - Cogent DataHub 9.0.x Denial of Service. [1Day]

Happy pentesting,
Gleg`s Security team
Follow us on https://twitter.com/GlegExploitPack

More information about the Canvas mailing list