• Consulting
  • Information Security
  • Networking
  • Software Development
  • R&D
  • BLOG

  • Advisory
  • Talk
  • Tech Tips
  • A10 ACOS Web Application Firewall (WAF) mishandles the configured rules for blocking SQL injection attacks

    11-10-2018

    CVEID: CVE-2018-15904 Affected Product: A10 ACOS Web Application Firewall (WAF) Affected releases: 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 Executive Summary A critical vulnerability was discovered in several releases of A10 ACOS operating system in branches 2.7 and 4.1. A remote attacker could send specially-crafted HTTP requests, […]

    Infocad Facility Management CVE-2018-13789 Unauthenticated webservice allows retrieval of arbitrary files

    09-10-2018

      CVEID: CVE-2018-13789 CVSS: 9.3(Critical)  AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L/RL:O Affected Products and Versions: Infocad FM – v. 2016.1.5.0, Infocad FM – Version(s) < v3.1.0.0 Executive Summary A critical vulnerability was discovered in Descor Infocad FM v2016.1.5.0 through v3.1.0.0, the unauthenticated web service GlobalReaderWCF allows the download of arbitrary files from local disks and remote SMB shares via an unsanitized […]

    IBM Tivoli Monitoring CVE-2017-1635 Remote Code Execution Vulnerability

    06-02-2018

    CVEID: CVE-2017-1635 CVSS Base Score: 8 Affected Products and Versions: KDH component of IBM Tivoli Monitoring Basic Services (KGL,KAX) for Version 6.2.2.0 through 6.2.2.9   Executive Summary A vulnerability exists in the internal web server provided by IBM Tivoli Monitoring basic services. It could allow a remote attacker to execute arbitrary code on the system, […]

    D-Link router DSL-2750B firmware 1.01 to 1.03 – RCE no auth

    21-01-2017

    After playing around a bit with my home router, I’ve noticed something interesting during login phase; user is redirected on error page by providing wrong credentials and the URL catch my eye: http://192.168.1.1:666/login.cgi?cli=access%20login%20encrypted%2041544A25DC00170BA90659AD4CBDD9D9$ In order to see what’s happening, web server must be started on the router with the debug output enabled: Seems like arguments […]

    McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability

    12-09-2016

    McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability Quantum Leap Advisory McAfee SIEM ESM and ESMREC Authentication Bypass vulnerability Affected Product: SIEM 9.5 and 9.6. Credits: Vulnerability discovered by Claudio Cinquino of Quantum Leap S.R.L. CVE: CVE-2016-8006 Executive Summary SIEM 9.5 and 9.6.0 allow an administrative user to make changes to other SIEM users’ information […]

    McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability

    29-10-2015

    McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability Quantum Leap Advisory McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability Affected Product: SIEM ESM 9.5.0MR7, 9.4.2MR8, 9.3.2MR18 and earlier releases. Credits: Vulnerability discovered by Claudio Cinquino of Quantum Leap S.R.L. CVE: CVE-2015-8024 Executive Summary Authentication Bypass: A specially crafted username can bypass SIEM ESM […]

    CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability – CVE-2015-4699

    04-08-2015

    CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability Quantum Leap Advisory: CLOUD4WI SPLASH PORTAL Reflected XSS vulnerability – Adivsory # CVE-2015-4699 Affected Product: CLOUD4WI SPLASH PORTAL Credits: Vulnerability discovered by Agostino Parentela of Quantum Leap s.r.l  Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization of the pages output which includes the […]

    Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect

    15-09-2014

    Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect Quantum Leap Advisory: Cart Engine 3.0 Multiple vulnerabilities – SQL Injection, Reflected XSS, Open Redirect – Adivsory #QLA140808 Affected Product: Cart Engine 3.0 Credits: Vulnerability discovered by Francesco Perna and Pietro Minniti of Quantum Leap s.r.l Executive Summary SQL Injection: Using a specially […]

    A10 Networks Reflected XSS vulnerability

    20-06-2014

    A10 Networks Reflected XSS vulnerability Quantum Leap Advisory: A10 Networks remote Buffer Overflow in ACOS[1] 2.7.0-P2 – Adivsory #QLA140505 Affected Product: ACOS 2.7.0-P2(build: 53)  (older versions may be affected too) (Tested on SoftAX[2]) Credits: Vulnerability discovered by Francesco Perna of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack […]

    A10 Networks

    A10 Networks remote Buffer Overflow in ACOS 2.7.0-P2(build: 53) 

    02-04-2014

    A10 Networks remote Buffer Overflow Quantum Leap Advisory: A10 Networks remote Buffer Overflow in ACOS[1] 2.7.0-P2 – Adivsory #QLA140402 Affected Product: ACOS 2.7.0-P2(build: 53)  (older versions may be affected too) (Tested on SoftAX[2]) Credits: Vulnerability discovered by Francesco Perna of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request to the administration web server, it is […]

    A10 Networks

    VLC Reflected XSS vulnerability

    18-03-2014

    VLC Reflected XSS vulnerability Quantum Leap Advisory: VLC Reflected XSS vulnerability – Adivsory #QLA140216 Affected Product: VLC 2.1.3 (older versions may be affected too) Credits: Vulnerability discovered by Francesco Perna and Pietro Minniti of Quantum Leap s.r.l Executive Summary Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization[1] of the error […]

    Reflected XSS vulnerability found in VLC error page