[Canvas] Gleg updates
YG
audit at gleg.net
Thu Feb 18 20:13:10 UTC 2021
Dear colleagues, new modules available for download.
2.10 SCADA+ :
- Advantech ActiveDAQ Pro AdvButton.dll Remote Code Execution
Vulnerability usafe method[1Day]
- Advantech ActiveDAQ Pro Remote Code Execution Vulnerability.
unsafe method [1Day]
1.39 MedPack:
- MedDream PACS Server 7.1.1 Persistent Cross-Site Scripting [1day]
- LibreHealth 2.0.0 Remote Code Execution via unsafe activex [1day]
ZDA 1.30: four unsafe activex 0days in nice software
- Black Ice Software Image SDK any file Delete Vulnerability.
- Codejock Xtreme Suite Pro ActiveX 16.3.1 Retail Remote Code Execution
- HexaTech ViewPro ActiveX RCE
- Tekla Web ViewerRemote File Create
1.63 DefPAck:
- D-Link DSR-250N 3.12 Denial of Service. CVE-2020-26567
- HiSilicon Video Encoders Information Disclosure. CVE-2020-24219
- Ruijie Networks Switch eWeb S29_RGOS 11.4 Directory Traversal. pub
- TP-Link TL-WA855RE Device Reset Auth Bypass. CVE-2020-24363
Agora 3.09:
- Apache Flink 1.9.1 File Upload RCE (Unauthenticated). pub
- EmbedThis GoAhead Web Server 5.1.1 Digest Authentication Capture.
CVE-2020-15688
- GOautodial 4.0 Remote Code Execution. pub
- TextPattern CMS 4.8.3 Remote Code Execution. pub
Happy pentesting,
Gleg`s Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list