Zero Science Lab

Once the admin establishes a secure shell session, she gets dropped into a sandboxed environment using the login binary that allows specific set of commands. One of those commands that can be exploited to escape the jailed shell is traceroute. A remote attacker can breakout of the restricted environment and have full root access to the device.

The affected device suffers from authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges. Also, the application suffers from Insufficient Session Expiration vulnerability.

The application suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.

The application suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.

The application suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.

The application suffers from a weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is binded to the Session ID, one needs to await for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.

Screen is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information including usernames and source IP addresses.

This exploit circumvents the control and requirement of admin's old password and directly changes the password.

Fatal OOM/crash of Chrome browser while detaching/attaching tabs on macOS.

Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.