Introduction NetModule Router Software (NRSW) is a Linux-based software solution developed by NetModule for managing data connections across various devices. It applies to a various devices, including stationary and mobile routers, gateways, and IoT devices. NRSW provides consistent configuration processes and functions across all NetModule devices. It includes security features and supports over-the-air updates. NetModule also provides free updates and support for NRSW, contributing to its overall functionality and efficiency in network operations. Advisory Informations Remotely Exploitable ..read more

Roxy-WI was created for people who want a fault-tolerant infrastructure but do not want to dive deep into the details of setting up and creating a cluster based on HAProxy / NGINX and Keepalived, or just need a convenient interface for managing all services in one place. Advisory Information Remotely Exploitable: Yes Authentication Required: No Vendor URL: roxy-wi.org CVSSv3.1 Score: 10.0 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L) Date of found: 10.06.2022 Technical Details Vulnerability #1 – Authentication Bypass Upon obtaining the Roxy-WI source code from the Roxy GitHub account, I finis ..read more

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Advisory Information Remotely Exploitable: Yes Authentication Required: Depends on Configuration Vendor URL: glpi-project.org CVSSv3.1 Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L) Date of found: 09.06.2022 Technical Details Vulnerability #1 – Unauthenticated/Authenticated SQL Injection GLPI application contains multiple components (e.g. CMDB, Helpdesk, Project Manageme ..read more

LiderAhenk is an open source software system that enables centralized management, monitoring and control of systems and users on the corporate network. In this blog post, you will see how bad it can get when you have a critical security vulnerability on your centralized client management system. Architecture and Our Target LiderAhenk software has 2 component. Lider and Ahenk. Lider is the main component where you manage your organization. It is the business layer of Lider Ahenk project running on Karaf container. It contains core functionalities (such as LDAP client, task manager, XM ..read more

This post is password protected. To view it please enter your password below: Password: Submit ..read more

This post is password protected. To view it please enter your password below: Password: Submit ..read more