Posts Tagged ‘disclosure’

Microsoft Edge textarea.defaultValue Memory Disclosure

There is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393. Source: Microsoft Edge textarea.defaultValue Memory Disclosure


Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure

This Metasploit module exploits an information disclosure vulnerability found in Advantech SUSIAccess versions 3.0 and below. The vulnerability is triggered when sending a GET request to the server with a series of dot dot slashes (../) in the file parameter. Source: Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure


Barracuda WAF V360 Firmware 8.0.1.014 Credential Disclosure

Firmware reversing of the Barracuda Web Application Firewall uncovered development artifacts that should have been removed on the production images. Once the encryption scheme was broken, many QA and development tools were discovered on the affected partitions. Some of these contained sensitive information such as authentication credentials used by internal developers. Firmware version 8.0.1.014 is […]