[EN] Multiple Vulnerabilities in Korenix JetPort
Title: Multiple Vulnerabilities Product: Korenix JetPort Vulnerable version: <=1.2 Fixed version: None CVE: CVE-2024-7395, CVE-2024-7396, CVE-2024-7397 Impact: High Homepage: https://korenix.com/ Found: 2024-04-01 The JetPort series is prone to unauthenicated command injection, which allows an attacker to fully compromise the device from the network. "Korenix Technology, a Beijer group company within the Industrial Communication business area, is a global leading manufacturer providing innovative, market-oriented, value-focused Industrial Wired and Wireless Networking Solutions. With decades of experiences in the industry, we have developed various product lines [...]. Our products are mainly applied...
[EN] Multiple Vulnerabilities in Perten ProcessPlus
Title: Multiple Vulnerabilities Product: Perten ProcessPlus Vulnerable version: <=1.11.6507.0 Fixed version: 2.0.0 CVE: CVE-2024-6911, CVE-2024-6912, CVE-2024-6913 Impact: High Homepage: https://perkinelmer.com/ Found: 2024-04-24 The ProcessPlus measurement software is prone to local file inclusion, uses default MSSQL credentials, and is executed with unnecessarily high privileges. "For 85 years, PerkinElmer has pushed the boundaries of science from food to health to the environment. We’ve always pursued science with a clear purpose – to help our customers achieve theirs. Our expert team brings technology and intangibles, like creativity, empathy, diligence, and a...
Authenticated Command Injection in Helmholz REX100 Router
Title: Authenticated Command Injection Product: Helmholz Industrial Router REX100, MBConnectline mbNET.mini Vulnerable version: <= 2.2.11 Fixed version: 2.2.13 CVE: CVE-2024-5672 Impact: High Homepage: https://www.helmholz.de/, https://mbconnectline.com/ Found: 2024-05-08 The Helmholz REX100 Router ist prone to an authenticated command injection attack. This allows an attacker to gain root access on the router, which usually acts as key infrastructure device in OT. Helmholz is your specialist when it comes to sophisticated products for your automation projects. With current, clever system solutions from Helmholz, the high demands placed on industrial networks in...
[EN] Multiple Vulnerabilities in SEH untserver Pro
Title: Multiple Vulnerabilities Product: SEH utnserver Pro Vulnerable version: 20.1.22 Fixed version: 20.1.28 CVE: CVE-2024-5420, CVE-2024-5421, CVE-2024-5422 Impact: High Homepage: https://www.seh-technology.com/ Found: 2024-03-04 The untserver Pro ist prone to stored cross-site scripting, file disclosure and denial of service attacks. This allows an attacker to deactivate the device or place malicious code in the web interface of the untserver. We are SEH from Bielefeld - manufacturer of high-quality network solutions. With over 35 years of experience in the fields of printing and networks, we offer our customers a broad...
[EN] Multiple Vulnerabilities in ORing IAP420
Title: Multiple Vulnerabilities Product: ORing IAP-420 Vulnerable version: 2.01e Fixed version: - CVE: CVE-2024-5410, CVE-2024-5411 Impact: High Homepage: https://oringnet.com/ Found: 2024-01-19 The ORing IAP420 is prone to authenticated command injection and stored cross-site scripting. Therefore, an attacker can fully compromize the device via the management interface. Founded in 2005, ORing specializes in developing innovative own-branded products for industrial settings. Over the years, ORing has accumulated abundant experience in wired and wireless network communications industry. In line with the commercialization of 5G, ORing has stretched its arm into the...
IoT Malware Analysis with MEDUSA
Motivation At CyberDanube, we're driven by our curiosity regarding fresh embedded/IoT security topics. Therefore, we are constantly researching new threats, leveraging IoT/IIoT honeypots on public internet to intercept attacks in real-time. These insights fuel our internal research and the development of our firmware emulation solution MEDUSA. During an analysis of one of our deployed honeypots, we encountered a command injection exploit attempt that caught our attention. The related Vulnerability is publicly disclosed and has the assigned CVE number 2023-1389, which...
[EN] Automotive Pentesting - Security Paper
Driving the Future: CyberDanube's Automotive Cyber Security Paper In an era of connected automotive technology, the integration of digital innovations elevates our driving experience. However, with progress comes new challenges, especially in cybersecurity. As vehicles become more connected, the risks of cyber threats escalate. CyberDanube addresses these challenges head-on with our latest Security Paper, exploring the intricacies of safeguarding automotive systems. Understanding Cyber Threats to Modern Vehicles Our Security Paper delves into the evolving landscape of cyber threats targeting modern (automotive) cars....
[EN] Multiple Vulnerabilities in Korenix JetNet Series
Title: Multiple Vulnerabilities Product: Korenix JetNet Series Vulnerable version: See "Vulnerable versions" Fixed version: - CVE: CVE-2023-5376, CVE-2023-5347 Impact: High Homepage: https://www.korenix.com/ Found: 2023-08-31 Korenix JetNet series is prone to a unauthenticated firmware upgrade, which leads to remote code execution. "Korenix Technology, a Beijer group company within the Industrial Communication business area, is a global leading manufacturer providing innovative, market-oriented, value-focused Industrial Wired and Wireless Networking Solutions. With decades of experiences in the industry, we have developed various product lines [...]. Our products are mainly applied in SMART...