-
(CVE-2020-11553 -> CVE-2020-11557) NOC NOC. Who’s there? Your NMS is pwnd.
Recently I discovered vulnerabilities in Castle Rock Computing’s SNMPc Enterprise, specifically SNMPc OnLine 12.10.10 before 2020-01-28. Instead of writing my usual blog post containing the coordinated disclosure information, I thought I would do something a little bit different this time and create a simple tutorial for new players regarding the importance of bug chaining. We’ll […]
-
(CVE-2019-16061 –> CVE-2019-16072) Enigma NMS Multiple Vulnerabilities
#——————————————————————– # Multiple Vulnerabilities # NETSAS Pty Ltd’s Enigma NMS # Working exploits: Yes # Vendor Homepage: https://www.netsas.com.au/ # Software Link: https://www.netsas.com.au/enigma-nms-introduction/ # Version: Enigma NMS 65.0.0 # Public Disclosure Date: 22 August 2019 (30 days) # CVE-IDs: CVE-2019-16061 > CVE-2019-16072 # Author: Mark Cross (@xerubus | mogozobo.com) #——————————————————————– On the 20th July 2019 I […]
-
(CVE-2019-14925 –> CVE-2019-14931) Mitsubishi Electric & INEA RTU Multiple Vulnerabilities
#——————————————————- # Multiple Vulnerabilities # Mitsubishi Electric smartRTU & INEA ME-RTU # Working exploits: Yes # Public Disclosure Date: 13 August 2019 # CVE-IDs: CVE-2019-14925 -> CVE-2019-14931 (7 CVE-IDs) # Author: Mark Cross (@xerubus | mogozobo.com) #——————————————————- ==================== Summary ==================== Product: Mitsubishi Electric smartRTU & INEA ME-RTU Version: Latest version of firmware (Misubishi Electric 2.02 […]
-
(CVE-2019-12774 –> CVE-2019-12777) ENTTEC Lighting Controllers Vulnerabilities
In March 2019 I discovered numerous vulnerabilities in a number of ENTTEC’s Lighting Controller products. These vulnerabilities were identified in the current firmware versions publicly available from ENTTEC’s website product pages. According to the comapany’s website, ENTTEC are “Leaders in the expert design and manufacture of LED lights and controls, ENTTEC are an Australian company […]
-
(CVE-2016-4513) Schneider Electric PowerLogic PM8ECC XSS
Background On the 4th August 2015, I discovered a cross-site scripting vulnerability in Schneider Electric’s PowerLogic 800 power meter, specifically in the embedded webserver on the PM8ECC add-on module. After a lengthy nine (9) month disclosure period, Schneider Electric formally thanked me and released a firmware patch to fix the vulnerability, under security advisory SEVD-2016-132-01. […]
-
CVE-TBA: Reflected Cross-Site Scripting (XSS) in QNAP TS-x09 Turbo NAS
On the 7th of July 2015 I discovered a reflected cross-site scripting (XSS) vulnerability in QNAP TS-x09 Network Attached Storage devices. Full disclosure was undertaken with the vendor and a CVE-ID has been requested from Mitre. CVE-ID: requested 7th July 2015 Author: Mark Cross Twitter: @xerubus WWW: www.mogozobo.com Summary A reflected Cross-Site scripting vulnerability was […]