#web

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.5 ATTENTION: Exploitable remotely Vendor: Opto 22 Equipment: GRV-EPIC-PR1, GRV-EPIC-PR2, groov RIO Vulnerability: Improper Neutralization of Special Elements used in an OS Command 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the execution of arbitrary shell commands with root privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of GRV Programmable Logic Controllers are affected: GRV-EPIC-PR1 Firmware: Versions prior to 4.0.3 GRV-EPIC-PR2 Firmware: Versions prior to 4.0.3 groov RIO GRV-R7-MM1001-10 Firmware: Versions prior to 4.0.3 groov RIO GRV-R7-MM2001-10 Firmware: Versions prior to 4.0.3 groov RIO GRV-R7-I1VAPM-3 Firmware: Versions prior to 4.0.3 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-78 A vulnerability exists in the Opto22 Groov Manage REST API on GRV-EPIC and groov RIO Products that allows rem...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Automated Logic Equipment: WebCTRL Premium Server Vulnerabilities: Open Redirect, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a remote attacker to deceive a legitimate user into running malicious scripts or redirecting them to malicious websites. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Automated Logic products are affected: Automated Logic WebCTRL Server: Version 6.1 Automated Logic WebCTRL Server: Version 7.0 Automated Logic WebCTRL Server: Version 8.0 Automated Logic WebCTRL Server: Version 8.5 Carrier i-Vu: Version 6.1 Carrier i-Vu: Version 7.0 Carrier i-Vu: Version 8.0 Carrier i-Vu: Version 8.5 Automated Logic SiteScan Web: Version 6.1 Automated Logic SiteScan Web: Version 7.0 Automated Logic SiteScan Web: Version 8.0 Automated Logic SiteScan Web: Version 8.5 Automated Logic WebCTRL for OEMs: Version 6.1 Automated Logic WebCTR...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: Appleton UPSMON-PRO Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Emerson products are affected: Appleton UPSMON-PRO: Versions 2.6 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121 A crafted UDP packet sent to the default UDP port 2601 can cause an overflow of the buffer stack, overwriting critical memory locations. This could allow unauthorized individuals to execute arbitrary code with SYSTEM privileges if the UPSMONProService service communication is not properly validated. CVE-2024-3871 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: iCam365 Equipment: P201 and QC021 Vulnerabilities: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in unauthorized exposure of camera video streams and camera configuration data. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following iCam365 camera model is affected: ROBOT PT Camera P201: Versions 43.4.0.0 and prior Night Vision Camera QC021: Versions 43.4.0.0 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 Missing Authentication for Critical Function CWE-306 The affected products allow unauthenticated access to Open Network Video Interface Forum (ONVIF) services, which may allow an attacker unauthorized access to camera configuration information. CVE-2025-64770 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.8 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L). A CVSS v4 sco...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Festo SE & Co. KG Equipment: Didactic products Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the creation or overwriting of arbitrary files in the engineering system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Festo reports that the following products contain affected versions of Siemens TIA-Portal: Siemens TIA-Portal V15 prior to V17 Update 6 installed on Festo Hardware MES PC: All versions Siemens TIA-Portal V18 prior to V18 Update 1 installed on Festo Hardware MES PC: All versions Siemens TIA-Portal V15 prior to V17 Update 6 installed on Festo Hardware TP260 (<June2023): All versions Siemens TIA-Portal V18 prior to V18 Update 1 installed on Festo Hardware TP260 (<June2023): All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Input Validation CWE-20 A vulnerability has been identified in Siemens Totally Integrated Automation Po...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Festo SE & Co. KG Equipment: MSE6-C2M/D2M/E2M Vulnerability: Hidden Functionality 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to a complete loss of confidentiality, integrity, and availability. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Festo reports the following products are affected: MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD: All versions MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L5-AGD: All versions MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L4-MQ1-AGD: All versions MSE6-C2M-5000-FB43-D-M-RG-BAR-M12L5-MQ1-AGD: All versions MSE6-C2M-5000-FB44-D-M-RG-BAR-AMI-AGD: All versions MSE6-C2M-5000-FB44-D-RG-BAR-AMI-AGD: All versions MSE6-D2M-5000-CBUS-S-RG-BAR-VCB-AGD: All versions MSE6-E2M-5000-FB13-AGD: All versions MSE6-E2M-5000-FB36-AGD: All versions MSE6-E2M-5000-FB37-AGD: All versions MSE6-E2M-5000-FB43-AGD: All versions MSE6-E2M-5000-FB44-AGD: All versions 3.2 VULNERABIL...

CTM360 has identified a rapidly expanding WhatsApp account-hacking campaign targeting users worldwide via a network of deceptive authentication portals and impersonation pages. The campaign, internally dubbed HackOnChat, abuses WhatsApp’s familiar web interface, using social engineering tactics to trick users into compromising their accounts. Investigators identified thousands of malicious URLs

Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. "A key differentiator is its ability to bypass encrypted messaging," ThreatFabric said in a report shared with The Hacker News. "By capturing content directly from the device screen after decryption, Sturnus can monitor

## Summary After some research it appears that it is possible to obtain a reflected XSS when the server islands feature is used in the targeted application, **regardless of what was intended by the component template(s)**. ## Details Server islands run in their own isolated context outside of the page request and use the following pattern path to hydrate the page: `/_server-islands/[name]`. These paths can be called via GET or POST and use three parameters: - `e`: component to export - `p`: the transmitted properties, encrypted - `s`: for the slots Slots are placeholders for external HTML content, and therefore allow, by default, the injection of code if the component template supports it, nothing exceptional in principle, just a feature. This is where it becomes problematic: it is possible, independently of the component template used, even if it is completely empty, to inject a slot containing an XSS payload, whose parent is a tag whose name is is the absolute path of the island ...

The operator, Alexander Volosovik, also known as “Yalishanda”, “Downlow” and “Stas_vl,” ran a long-running bulletproof hosting operation used by top ransomware groups.