[Canvas] Gleg Agora, SCADA, Def, ZDA updates
YG
audit at gleg.net
Thu Aug 18 17:23:16 UTC 2022
Dear colleagues, new modules available for download.
Agora 3.25
- Home Web Server 1.9.1 (build 164) Remote Code Execution. public
- SAP NetWeaver AS JAVA (LM Configuration Wizard) Directory Traversal. public
- Struts2 CVE-2021-31805 Remote Code Execution
- CVE-2022-36446 Webmin 1.996 Auth Command injection
DefPack 1.79:
- Kyan Network Monitoring Device Credential Disclosure CNVD-2021-49589
- Q-See Surveillance DVR info Disclosure CVE-2018-9995
- CVE-2022-26259 . pub
- ZyXEL Buffer Overflows in zhttpd and libclinkc.so Denial of Service
SCADA 2.26 :
- XISOM X-Scada Viewer Directory Traversal [1Day]
- Ansys Scade Suite Version Student 2022 R1 Remote Denial of Service [1Day]
- JUNG Smart Panel Designer Directory Traversal [1Day]
- SolarView Compact 6.00 Directory Traversal CVE-2022-29298
ZDA 1.45 :
- Tiny PXE TFTP Server Directory Traversal [0Day]
- VBASE Editor HMI SCADA Remote Denial of Service [0Day]
- WinSystems C-more v6.72 Simulator Remote Crash [0Day]
- WellinTech Kingview 7.5 SP5 ActiveX File Replace / Create [0Day]
Happy pentesting!
Gleg Security team
Follow us on https://twitter.com/GlegExploitPack
More information about the Canvas
mailing list