This module exploits an unauthenticated command injection in a variety of Hikvision IP cameras (CVE-2021-36260). The module inserts a command into an XML payload used with an HTTP PUT request sent to ...
This exploit effectively serves as a bypass for CVE-2024-3408. An attacker can override global state to enable custom filters, which then facilitates remote code execution. Specifically, this ...
Aorato, a specialist in Active Directory monitoring and protection, delivers a step-by-step report on how attackers used the stolen credentials of an HVAC vendor to steal the data of 70 million ...
Users running the website on a self-hosted WordPress or on Drupal are strongly recommended to update their websites to the latest version immediately. A moderately critical vulnerability was ...