D-Link DIR8xx routers suffer from a local firmware upload vulnerability.
Source: D-Link DIR8xx Router Firmware Upload
The post D-Link DIR8xx Router Firmware Upload appeared first on MondoUnix.
Ubiquiti Networks UniFi Cloud Key with firmware version 0.6.1 suffers from an authenticated command injection vulnerability.
Source: Ubiquiti Networks UniFi Cloud Key Firmware 0.6.1 Command Injection
The post Ubiquiti Networks UniFi Cloud Key Firmware …
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability.
Source: Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack
The post Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack appeared first on…
The Barracuda WAF management application transmits the current user and session identifier over HTTP GET. Firmware version 8.0.1.014 is affected.
Source: Barracuda WAF V360 Firmware 8.0.1.014 Username / Session ID Leak
The post Barracuda WAF V360 Firmw…
The grub password for all Barracuda WAF V360 virtual appliances is four characters in length and, as a result, may be trivially easy to crack. Firmware version 8.0.1.014 is affected.
Source: Barracuda WAF V360 Firmware 8.0.1.014 Grub Password Complexit…
Firmware reversing of the Barracuda Web Application Firewall uncovered development artifacts that should have been removed on the production images. Once the encryption scheme was broken, many QA and development tools were discovered on the affected partitions. Some of these contained sensitive information such as authentication credentials used by internal developers. Firmware version 8.0.1.014 is […]
The post Barracuda WAF V360 Firmware 8.0.1.014 Credential Disclosure appeared first on MondoUnix.
Firmware reversing of the Barracuda Web Application Firewall uncovered debug features that should have been removed on the production images. Appending a debugging statement onto a grub configuration line leads to an early boot root shell. Firmware ver…
