SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describe Information Disclosure found in Oracle Knowledge Management version 8.5.1.

By enabling searches across a wide variety of sources, Oracle’s InQuira knowledge management products offer simple and convenient ways for users to access knowledge that was once hidden in the myriad systems, applications, and databases used to store enterprise content.

Oracle’s products for knowledge management help users find useful knowledge contained in corporate information stores.

Credit
An independent security researcher, Steven Seeley, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Oracle has released patches to address this vulnerability, for more details see: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html.

Continue reading SSD Advisory – Oracle Knowledge Management XXE Leading to a RCE

SSD Advisory – MuraCMS Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes two (2) vulnerabilities found in MuraCMS version 6.2. MuraCMS is an open source content management system for CFML, created by Blue River Interactive Group. Mura has been designed to be used by marketing departments, web designers and developers.

The vulnerabilities found in MuraCMS are:

  1. Unauthenticated remote arbitrary code execution
  2. Unrestricted file upload

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
BlurRiver has released patch to address the vulnerabilities: “we put builds with the vulnerabilities patched and then released a blog as well as communicated via our Google group, Slack channel, twitter and mailing list.”

The patch and blog post can be found here

Continue reading SSD Advisory – MuraCMS Multiple Vulnerabilities

SSD Advisory – HTC Sync Remote Code Execution

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes a remote code execution (RCE) found in HTC Sync version v3.3.63.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
The vulnerability was not reported to the vendor because the product has reached end of life on 31 August 2016 and was replaced by HTC Sync Manager which is not vulnerable to this vulnerability.

Continue reading SSD Advisory – HTC Sync Remote Code Execution

SSD Advisory – ZyXEL Enterprise Network Center and Vantage Centralized Network Management Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary

The following advisory describes three (3) vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) and two (2) vulnerabilities found in ZyXEL Vantage Centralized Network Management (version 3.2)

The three vulnerabilities found in ZyXEL Enterprise Network Center (version 1.3.218.61) are:

  1. Directory traversal and Command injection vulnerabilities leading to Remote Command Execution
  2. ShowIcon” Servlet file Parameter Directory Traversal
  3. FileDownloadServlet Request URI Directory Traversal Read Code Execution

The two vulnerabilities found in ZyXEL Vantage Centralized Network Management (version 3.2) are:

  1. FileDownloadServlet Directory Traversal
  2. GUIDownloadServlet Request URI Directory Traversal

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
SSD reported the vulnerabilities to ZyXEL back in Jun 2016.
Vendor response: “Regarding the security vulnerabilities you reported for our Vantage CNM, we were informed by HQ that there will no further enhancements for the product, as we have a new product to replace it, called Cloud CNM. Further, the two provide almost equivalent features with exception to GUI and behavior.

Continue reading SSD Advisory – ZyXEL Enterprise Network Center and Vantage Centralized Network Management Multiple Vulnerabilities