SSD Advisory – Microsoft Office SMB Information Disclosure

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes an information disclosure found in Microsoft Office versions 2010, 2013, and 2016.

Microsoft Office is: “Whether you’re working or playing, Microsoft is here to help. We’re the company that created Microsoft Office, including Office 365 Home, Office 365 Personal, Office Home & Student 2016, Office Home & Business 2016, and Office Professional 2016. You can also get Office for Mac. Whatever your needs—whether professional or simply for fun—we’ve got you covered. The powerful software in Microsoft Office 2013 remains in Microsoft Office 2016.”

Credit
An independent security researcher, Björn Ruytenberg, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Microsoft was informed of the vulnerability, to which they response with:

“Upon investigation, we have determined that this submission does not meet the bar for security servicing. Unfortunately images are commonly used in emails and other locations that are sourced from external sites, those sites can use that request for basic tracking information. Your report about SMBTrap is also a well documented publicly disclosed item and would not meet the bar. In addition the PoC requires a user to disable their security, specifically the Protected View, stating that they trust the source.

As such, this email thread has been closed and will no longer be monitored.”

Continue reading SSD Advisory – Microsoft Office SMB Information Disclosure

SSD Advisory – QNAP HelpDesk SQL Injection

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes a SQL injection found in QTS Helpdesk versions 1.1.12 and earlier.

QNAP helpdesk: “Starting from QTS 4.2.2 you can use the built-in Helpdesk app to directly submit help requests to QNAP from your NAS. To do so, ensure your NAS can reach the Internet, open Helpdesk from the App Center, and create a new Help Request. Helpdesk will automatically collect and attach NAS system information and system logs to your request, and you can provide other information such as the steps necessary to reproduce the error, the error message and screenshots so we can identify the problem faster.”

Credit
An independent security researcher, Kacper Szurek, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
QNAP has released patches to address this vulnerability.

For more information: https://www.qnap.com/en/security-advisory/nas-201709-29

CVE: CVE-2017-13068

Continue reading SSD Advisory – QNAP HelpDesk SQL Injection

SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120

Tianjin Tiandy Digital Technology Co., Ltd ( Tiandy Tech) is “one of top 10 leading CCTV manufacturer in China and a global supplier of advanced video surveillance solutions.”

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
We tried to contact Tiandy starting from August 16 2017, repeated attempts to establish contact went unanswered. At this time there is no solution or workaround for this vulnerability.

CVE: CVE-2017-15236

Continue reading SSD Advisory – Tiandy IP cameras Sensitive Information Disclosure

SSD Advisory – FLIR Systems Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes 5 (five) vulnerabilities found in FLIR Systems FLIR Thermal/Infrared Camera FC-Series S, FC-Series ID, PT-Series.

FLIR – “Best-in-class thermal cameras with on-board analytics for high-performance intrusion detection. The new FC-Series ID combines best-in-class thermal image detail and high-performance edge perimeter analytics together in a single device that delivers optimal intrusion detection in challenging environments and extreme conditions”.

The vulnerabilities found are:

  • Information disclosure
  • Stream disclosure
  • Unauthenticated Remote Code Execution
  • Authenticated Remote Code Execution
  • Hard-coded Credentials

Credit
An independent security researcher, Gjoko Krstic – Zero Science Lab, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
The vendor has been notified on the 27th of June 2017, several emails were exchanged, but no ETA for a fix or workaround have been provided for the following vulnerabilities.

Continue reading SSD Advisory – FLIR Systems Multiple Vulnerabilities