[Canvas] Gleg Agora, SCADA, Def, ZDA updates

YG audit at gleg.net
Thu Mar 11 17:45:36 UTC 2021

Dear colleagues, new modules available for download.

ZDA 1.31:  pretty interesting QNAP NAS devices chained exploit + 0days  
as always
  - Apache Druid <0.20.1 Remote Code Execution. CVE-2021-25646
  - QNAP Pre-Auth Root RCE. several vulns chained into a pre-auth root  
RCE! unpatched firmware QNAP NAS models vulnerable, CVE-2019-7192,  
CVE-2019-7193, CVE-2019-7194, CVE-2019-7195 covered
  - Beward B4230 IP Camera Info Disclosure [0Day]
  - Beward B4230 IP Camera Privilege Escalation [0Day]
  - vBulletin 5.0.0 - 5.5.4 RCE. CVE-2019-16759
  - WebHMI Privilege Escalation AFU RCE [0Day]
  - Beckhoff CP-Link 3 CplGfxClient Denial of Service [0Day]
  - Mitsubishi MC Works64 SCADA Remote Arbitrary empty File Create  
unsafe activeX method [0Day]

2.11 SCADA+ :
  - ICPDAS eLogger software Denial of Service [1Day]
  - Point of View SCADA/HMI software Remote Code Execution Vulnerability [1Day]
  - Yaskawa SigmaWinPlus 7 Remote Arbitrary File Overwrite [1Day]

1.64 DefPAck:
  - IDAutomation unsafe activex file overwrite vulnerability. pub
  - Huawei HedEx Lite  directory traversal. pub
  - Argus Surveillance DVR devices allow Unauthenticated  
Directory Traversal. pub
  - Geutebruck IP Camera remote_reboot - pub

Agora 3.10:
  - WordPress W3 Total Cache 0.9.3 Directory Traversal. pub
  - WordPress Duplicator 1.3.26 Directory Traversal. pub
  - Sentrifugo 3.2 - File Upload Restriction Bypass. pub
  - Jenkins 2.235.3 - Stored XSS. CVE-2020-2230
  - Apache Tomcat - CVE-2020-1938 (Ghostcat)

Happy pentesting,
Gleg`s Security team
Follow us on https://twitter.com/GlegExploitPack

More information about the Canvas mailing list