[Canvas] Gleg Agora, SCADA, Def, ZDA updates
YG
audit at gleg.net
Tue Apr 5 17:02:16 UTC 2022
Dear colleagues, new modules available for download.
Agora 3.22
- Confluence Server 7.12.4 - Remote Code Execution (Unauthenticated)
CVE-2021-26084
- Gitlab 13.10.3 Unauthenticated User Enumeration. public
- Handysoft Co., Ltd Groupware ActiveX Remote Code Execution
Vulnerability [1day]
- Next.js directory traversal vulnerability CVE-2020-5284
- PHPFusion 9.10.0 Arbitrary User Logout. public
DefPack 1.76:
- Novus Managment System Directory Traversal Vulnerability [1day]
- Samsung SmartViewer 3.0 Remote Buffer Overflow activex [1day]
- ARD-9808 DVR Card Security Camera Password Disclosure. public
- Fujitsu-Siemens ServerView Remote Command Execution. oldpublic
- Vivotek IP Cameras Information Disclosure. public
SCADA 2.23 :
- Delta Industrial Automation COMMGR (ModBus) 1.08 Denial of Service [1Day]
- WebHMI 4.1.1.7662 Remote Code Execution. public
- Eaton Lean Automation XP12inDemoProgram Directory Traversal and
file disclosure. [1Day]
ZDA 1.42 :
- CVE-2022-0824 Webmin 1.984 Remote Code Exection
- MyBB >= 1.2.0, < 1.8.30 Remote Code Execution CVE-2022-24734
- OpenRemote IP Block Bypass [0Day]
- ICT Protege GX/WX 2.08 Password Hash Disclosure. public
Happy pentesting, and peace to all.
Gleg Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list