Autore: Angelo Barbosa

A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. This vulnerability is known as CVE-2024-12345. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to disable the affected component. Other endpoints might be affected as...

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request method with sensitive query strings. This vulnerability is traded as CVE-2025-0730. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their...

A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2025-0729. The attack may be initiated remotely. There is no exploit available. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their...

A vulnerability was found in OTRS and OTRS Community Edition up to 7.0.x/8.0.x/2023.x/2024.x/2025.1.x. It has been declared as critical. This vulnerability affects unknown code of the component HTTP Response Header Handler. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2024-43445. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability was found in OTRS and OTRS Community Edition up to 7.0.x/8.0.x/2023.x/2024.x/2025.1.x. It has been classified as critical. This affects an unknown part of the component Generic Interface Module. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2024-43446. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected...