CVE-2022-24697 The designer function has a command injection vulnerability when overwriting system parameters in the configuration.
If you have one of these versions installed on your system, it is recommended to update as soon as possible. In case you haven’t
CVE-2022-42086 Tenda AX1803 US_AX1803v2.0 is vulnerable to CSRF attacks via the TendaAteMode function.
A remote attacker can trick the user to perform an action on the site, such as purchasing equipment, by sending a specially crafted request.
4.
CVE-2022-37887 Vulnerabilities in Aruba AP management protocols could lead to code execution. The PAPI UDP port is used for the attack.
These upgrades are available to customers through the Internet Provisioning Portal. Customers should upgrade their devices as soon as possible to prevent possible exploitation of
CVE-2021-40556 An open stack overflow vulnerability exists in the httpd service of ASUS RT-AX56U Router 3.0.0.4.386.44266.
Authentication is required to exploit this vulnerability. An attacker would need to find a way to trick a user into visiting a malicious URI. Another
CVE-2022-39264 nheko is a desktop client for the Matrix application. Versions below 0.10.2 are vulnerable to secrets being inserted that could lead to man-in-the-middle attacks.
The Matrix team published a patch, which should be applied as soon as possible. The main reason why this discovery is so important is that
Episode
00:00:00
00:00:00