Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-1838PUBLISHED: 2022-05-24
A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(5)))JPeh)/**/AND/**/'frfq%'='frfq l...
CVE-2022-1839PUBLISHED: 2022-05-24
A vulnerability classified as critical was found in Home Clean Services Management System 1.0. This vulnerability affects the file login.php. The manipulation of the argument email with the input admin%'/**/AND/**/(SELECT/**/5383/**/FROM/**/(SELECT(SLEEP(2)))JPeh)/**/AND/**/'frfq%'='frfq leads to sq...
CVE-2022-1840PUBLISHED: 2022-05-24
A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remote...
CVE-2022-26531PUBLISHED: 2022-05-24
Multiple improper input validation flaws were identified in some CLI commands of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG serie...
CVE-2022-26532PUBLISHED: 2022-05-24
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, VPN series firmware versions 4.30 through 5.21, NSG series firmwar...
User Rank: Apprentice
10/30/2015 | 12:53:19 PM
Considering the continuous investment made by China into its cyberspace critical infrastructures, the relevant PLA Units, the mighty Cyberspace Administration of China and the volume of cyberattacks reportedly from Peking as a pipeline of inputs for its civil and military industry, I can't see how China could stop conducting its policy of cyberattacks against the cornucopia of highly sensitive sectorial innovations and global market shares represented by America (and its Western partners).
As a sort of provisional memorandum of agreement, Chinese cyberspying networks might go dormant during a while and would then resurface within a few months because the economic gain is too high as a matter of survival for the hyperpower that China has now become in its partner-competitor relationship with USA, the other hyperpower.
The ThreatConnect-DGI report about the trade in the South China Sea and the deep interest of the Naikon Group in close connection with the region via its intrusion intothe Netherlands-based Permanent Court of Arbitration tribunal provides the reader with some elements of a lucid analysis with regard to current diplomatic, military and economic topics.
Best regards,
Xavier Alfonsi
Analyst in naval and naval aviation affairs and in cyberdefense in Asia-Pacific from original sources in Chinese