#authentication-bypass

[ follow ]
#passwordstate #vulnerabilities #dell-storage-manager #xxe #red-lion-sixnet #remote-code-execution
Information security
fromIT Pro
6 days ago

Critical Dell Storage Manager flaws could let hackers access sensitive data - patch now

Critical authentication and XML entity vulnerabilities in Dell Storage Manager prior to 20.1.21 allow unauthenticated attackers to access APIs, disclose data, and access files.
fromThe Hacker News
2 weeks ago

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Red Lion's Sixnet RTUs provide advanced automation, control, and data acquisition capabilities in industrial automation and control systems, primarily across energy, water, and wastewater treatment, transportation, utilities, and manufacturing sectors. These industrial devices are configured using a Windows utility called Sixnet IO Tool Kit, with a proprietary Sixnet "Universal" protocol used to interface and enable communication between the kit and the RTUs.
Information security
Information security
fromThe Hacker News
1 month ago

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Two critical authentication-bypass vulnerabilities in Wondershare RepairIt exposed unencrypted user data and cloud resources, enabling AI model tampering, supply-chain attacks, and remote code execution.
#passwordstate
more#passwordstate
Information security
fromTechzine Global
4 months ago

Eight vulnerabilities hit HPE StoreOnce, upgrade required

HPE StoreOnce has critical vulnerabilities, including an authentication bypass that enables further attacks.
Users need to upgrade to StoreOnce Software v4.3.11 to mitigate vulnerabilities.
fromThe Hacker News
6 months ago

How Breaches Start: Breaking Down 5 Real Vulns

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches.
Information security
[ Load more ]