Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Threat Roundup for April 29 to May 6

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 29 and May 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

TALOS
Open in Source
#vulnerability#web#mac#windows#apple#google#microsoft#js#git#java#oracle#intel#ldap#samba#acer#chrome#sap
Microsoft, Apple, and Google Promise to Expand Passwordless Features

The passwordless future just became closer to reality, as Microsoft, Apple, and Google pledge to make the standard possible across operating systems and browsers.

CVE-2022-28581: IOT_vuln/TOTOLink/A7100RU/9 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28582: IOT_vuln/TOTOLink/A7100RU/6 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28583: IOT_vuln/TOTOLink/A7100RU/7 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28584: IOT_vuln/TOTOLink/A7100RU/8 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setWiFiWpsStart interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28575: IOT_vuln/TOTOLink/A7100RU/1 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setopenvpnclientcfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows attackers to execute arbitrary commands through a carefully constructed payload

CVE-2022-28578: IOT_vuln/TOTOLink/A7100RU/2 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28577: IOT_vuln/TOTOLink/A7100RU/3 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the delParentalRules interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.

CVE-2022-28580: IOT_vuln/TOTOLink/A7100RU/5 at main · EPhaha/IOT_vuln

It is found that there is a command injection vulnerability in the setL2tpServerCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload.