SSD Advisory – TerraMaster TOS Unauthenticated Remote Command Execution

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

Vulnerability Summary
The following advisory describes a unauthenticated remote command execution found in TerraMaster TOS 3.0.33.

TOS is a “Linux platform-based operating system developed for TerraMaster cloud storage NAS server. TOS 3 is the third generation operating system newly launched.”

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
The vendor stated that version 3.1.03 of TerraMaster TOS is no longer vulnerable to this vulnerability, the latest version of the software can be obtained from: http://download.terra-master.com/download.php.
Continue reading SSD Advisory – TerraMaster TOS Unauthenticated Remote Command Execution

SSD Advisory – Western Digital My Cloud Pro Series PR2100 Authenticated RCE

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

Vulnerability Summary
A vulnerability in the Western Digital My Cloud Pro Series PR2100 allows authenticated users to execute commands arbitrary commands.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
The vendor was notified on the 28th of November 2017, and responded that they take security seriously and will be fixing this vulnerability promptly, repeated attempts to get a timeline or fix failed, the last update received from them was on the 31st of Jan 2018, no further emails sent to the vendor were responded. We are not aware of any fix or remediation for this vulnerability.
Continue reading SSD Advisory – Western Digital My Cloud Pro Series PR2100 Authenticated RCE

SSD Advisory – VK Messenger (VKontakte) vk:// URI Handler Commands Execution

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

Vulnerability Summary
The following describes a vulnerability in VK Messenger that is triggered via the exploitation of improperly handled URI.

VK (VKontakte; [..], meaning InContact) is “an online social media and social networking service. It is available in several languages. VK allows users to message each other publicly or privately, to create groups, public pages and events, share and tag images, audio and video, and to play browser-based games. It is based in Saint Petersburg, Russia”.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Affected Version
VK Messenger version 3.1.0.143

Vendor Response
The vendor responded that the problem no longer affects the latest version – but didn’t provide any information on when it was fixed and whether it was fixed due to someone else reporting this vulnerability.
Continue reading SSD Advisory – VK Messenger (VKontakte) vk:// URI Handler Commands Execution

SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

The following advisory describes one (1) vulnerability found in CloudMe.

CloudMe is “a file storage service operated by CloudMe AB that offers cloud storage, file synchronization and client software. It features a blue folder that appears on all devices with the same content, all files are synchronized between devices.”

The vulnerability found is a buffer overflow vulnerability, which when exploited can be used to cause the product to execute arbitrary code.

Credit
A security researcher from, hyp3rlinx, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program

Vendor response
The vendor has released CloudMe version 1.11.0 which addresses this vulnerability.

CVE: CVE-2018-6892
Continue reading SSD Advisory – CloudMe Unauthenticated Remote Buffer Overflow