CVE-2022-32966 - Exploiting Missing Authorization in RTL8168FP-CG DASH Management (With Code Example)
In June 2022, a vulnerability identified as CVE-2022-32966 was reported that seriously affects the Realtek RTL8168FP-CG Ethernet controller, specifically its DASH remote management function. The
CVE-2022-24190 - Unauthenticated Bind Attack in Ourphoto App Lets Attackers Take Over Picture Frames
In early 2022, a critical security issue came to light in the popular picture frame control app, Ourphoto (version 1.4.1). CVE-2022-24190 exposes users
CVE-2022-39339 - How Plaintext OIDC Credential Leaks Put Nextcloud Accounts at Risk
user_oidc is a widely used OpenID Connect (OIDC) user backend for Nextcloud, enabling seamless SSO (Single Sign-On) integration with identity providers. On November 10,
CVE-2022-29826 - How Cleartext Storage in Mitsubishi GX Works3 Risks Your Automation Security
Industrial automation keeps factories humming and energy flowing. But when software that controls manufacturing is vulnerable, the consequences can be severe — from data leaks to
CVE-2022-44249 - Command Injection in TOTOLINK NR180X V9.1.u.6279_B20210910 via UploadFirmwareFile
---
The TOTOLINK NR180X is a popular WiFi-6 router, but in late 2022, security researchers discovered a critical vulnerability—CVE-2022-44249—that puts users at risk
Episode
00:00:00
00:00:00