CVE-2021-26732 - How a Broken Access Control in Lanner IAC-AST250A Lets Attackers Take Over BMC Network Settings
Date: June 2024
Author: Security Researcher
When we talk about security in server management hardware, the Baseboard Management Controller (BMC) is always right at the
CVE-2022-41986 An information disclosure vulnerability in Android App IIJ SmartKey versions prior to 2.1.4 could allow an attacker to obtain a one-time password.
- CVE-2018-0740 The IiiJ SmartKey Android App allows a remote attacker to bypass authentication and access the device settings via SQL injection. - CVE-2018-0739 The
CVE-2022-23462 IOWOW is a C library for key/value storage with a stack buffer overflow vulnerability that allows for Denial of Service when parsing scientific notation numbers in JSON.
This vulnerability is only exploitable when there are numbers with a leading `.` (e.g. `3.14`) or `e` (e.g. `3.14e+1`) in an
CVE-2022-27494 TUG server versions before 24 are affected by an unauthenticated attacker who can access hashed user credentials.
The vulnerability was detected by researchers at Cisco Talos and was assigned the identifier CVE-2018-7437. A remote attacker could trick a user into visiting a
CVE-2022-38108 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data
This issue was addressed by implementing a new control flow for data transfer to and from the Web Console, which now uses encrypted HTTPS. The
Episode
00:00:00
00:00:00