SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.
Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges. We recommend to update Teltonika RUT9XX routers to version RUT9XX_R_00.05.01.1 or later. For further details, see the full security advisory. Read More
Smarty 3.1.32 or below is prone to a path traversal vulnerability due to insufficient sanitization of code in Smarty templates. This allows attackers controlling the Smarty template to bypass the trusted directory security restriction and read arbitrary files. We recommend to update Smarty to version 3.1.33 or later. For further details, see the full security advisory. Read More
phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute arbitrary PHP code in the context of the application. We recommend to update phpWhois to version jsmitty12: 5.1.0 or later. For further details, see the full security advisory. Read More
SQL injection vulnerability in the RXTEC RXAdmin Login Page allows remote attackers to execute arbitrary SQL commands via several HTTP parameter. Read More
Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges. We recommend to update Polycom BToE Connector to version 3.0.0 or later. For further details, see the full security advisory. Read More
The vulnerability is caused by a buffer overflow in a memcpy operation when parsing specailly crafted KNXnet/IP packets in the Group messages monitor (aka. Falcon). An according proof-of-concept exploit which was tested on an affected ETS version installed on a Windows XP SP3 can be found below. The proof-of-concept exploit generates the UDP packet which triggers the vulnerability and should at least crash the application (it requires python and scapy to run). Read More
Alexander Schatten, senior researcher at SBA Research and Marco Reiser published an interesting article on "What programming at prompt level leads to". Where can AI systems really help programmers and is the approach taken here really new? This article takes a look at their role. ... ∞