Security
Headlines
HeadlinesLatestCVEs

Tag

#backdoor

Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to a threat cluster dubbed UAC-0142, aimed to infect systems with two pieces of data-stealing malware referred to as FateGrab and

The Hacker News
#web#backdoor#pdf#The Hacker News
CVE-2022-46914: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WA801N / TL-WA801ND Wireless Access Point - HackMD

An issue in the firmware update process of TP-LINK TL-WA801N / TL-WA801ND V1 v3.12.16 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CVE-2022-46912: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WR841N / TL-WR841N Wireless Routers - HackMD

An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CVE-2022-46910: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WA901N / TL-WA901ND Wireless Access Point - HackMD

An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CVE-2022-46435: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WR941ND Wireless Routers - HackMD

An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CVE-2022-46434: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WA7510N V1 Wireless Access Point - HackMD

An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CVE-2022-46432: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WR743ND Wireless Routers - HackMD

An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v3.12.20 and earlier.

CVE-2022-46430: A Firmware Modification Vulnerability During Firmware Update in TP-Link TL-WR741ND and TL-WR740N Wireless Routers - HackMD

TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.

CVE-2022-46424: Two Vulnerabilities Regarding Firmware Updates in Netgear XWN5001 WiFi Access Point - HackMD

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v0.4.1.1 and earlier.

CVE-2022-46423: A Firmware Modification Attack Vulnerability in Netgear WNR2000 Router - HackMD

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM (Man-in-the-Middle) attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service (DoS). This affects v1.2.3.7 and earlier.