• Consulting
  • Information Security
  • Networking
  • Software Development
  • R&D
  • BLOG

  • Advisory
  • Talk
  • Tech Tips
  • D-Link router DSL-2750B firmware 1.01 to 1.03 – RCE no auth

    21-01-2017

    After playing around a bit with my home router, I’ve noticed something interesting during login phase; user is redirected on error page by providing wrong credentials and the URL catch my eye: http://192.168.1.1:666/login.cgi?cli=access%20login%20encrypted%2041544A25DC00170BA90659AD4CBDD9D9$ In order to see what’s happening, web server must be started on the router with the debug output enabled: Seems like arguments […]

    d-link-logo-A399D83DED-seeklogo.com.gif

    McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability

    12-09-2016

    McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability Quantum Leap Advisory McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability Affected Product: SIEM 9.5 and 9.6. Credits: Vulnerability discovered by Claudio Cinquino of Quantum Leap S.R.L. CVE: CVE-2016-8006 Executive Summary SIEM 9.5 and 9.6.0 allow an administrative user to make changes to other SIEM users’ information […]

    McAfee

    McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability

    29-10-2015

    McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability Quantum Leap Advisory McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability Affected Product: SIEM ESM 9.5.0MR7, 9.4.2MR8, 9.3.2MR18 and earlier releases. Credits: Vulnerability discovered by Claudio Cinquino of Quantum Leap S.R.L. CVE: CVE-2015-8024 Executive Summary Authentication Bypass: A specially crafted username can bypass SIEM ESM […]

    McAfee

    CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability – CVE-2015-4699

    04-08-2015

    CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability Quantum Leap Advisory: CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability – Adivsory # CVE-2015-4699 Affected Product: CLOUD4WI SPLASH PORTAL Credits: Vulnerability discovered by Agostino Parentela of Quantum Leap s.r.l  Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization of the pages output which includes the […]

    Cloud4Wi_logo

    Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect

    15-09-2014

    Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect Quantum Leap Advisory: Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect – Adivsory #QLA140808 Affected Product: Cart Engine 3.0 Credits: Vulnerability discovered by Francesco Perna and Pietro Minniti of Quantum Leap s.r.l Executive Summary SQL Injection: Using a specially […]

    cart_engine_logo

    A10 Networks Reflected XSS vulnerability

    20-06-2014

    A10 Networks Reflected XSS vulnerability Quantum Leap Advisory: A10 Networks remote Buffer Overflow in ACOS[1] 2.7.0-P2 – Adivsory #QLA140505 Affected Product: ACOS 2.7.0-P2(build: 53)  (older versions may be affected too) (Tested on SoftAX[2]) Credits: Vulnerability discovered by Francesco Perna of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack […]

    A10 Networks

    A10 Networks remote Buffer Overflow in ACOS 2.7.0-P2(build: 53) 

    02-04-2014

    A10 Networks remote Buffer Overflow Quantum Leap Advisory: A10 Networks remote Buffer Overflow in ACOS[1] 2.7.0-P2 – Adivsory #QLA140402 Affected Product: ACOS 2.7.0-P2(build: 53)  (older versions may be affected too) (Tested on SoftAX[2]) Credits: Vulnerability discovered by Francesco Perna of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request to the administration web server, it is […]

    A10 Networks

    VLC Reflected XSS vulnerability

    18-03-2014

    VLC Reflected XSS vulnerability Quantum Leap Advisory: VLC Reflected XSS vulnerability – Adivsory #QLA140216 Affected Product: VLC 2.1.3 (older versions may be affected too) Credits: Vulnerability discovered by Francesco Perna and Pietro Minniti of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization[1] of the error […]

    Reflected XSS vulnerability found in VLC error page