Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-23119PUBLISHED: 2023-02-02
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware im...
CVE-2023-23120PUBLISHED: 2023-02-02
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new fi...
CVE-2023-0651PUBLISHED: 2023-02-02
A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an unknown function of the component Template Management. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be u...
CVE-2023-23110PUBLISHED: 2023-02-02
An exploitable firmware modification vulnerability was discovered in certain Netgear products. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksu...
CVE-2023-0650PUBLISHED: 2023-02-02
A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
User Rank: Apprentice
2/17/2019 | 1:26:23 AM
How did I engage? I tried to help a friend, inserted my usb stick, turned on the internet as it was needed for my action and Gradcrab 5.1 activated.
I didn't realize it until I noticed that some files from my usb stick changed names.
I was also amazed by the led of usb stick running wild after turning internet on. I knew something was wrong. That was the crypting doing its job.
In 3 minutes the entire folders with txt, docs and zip files were damaged / encrypted.
Luckly I had backups and so my friend, but one thing is obvious: Windows Defender defended NOTHING.
Other systems from same place with Bitdefender installed with Antiransomware and preboot options active were protected.
This is not advertising to this AV provider, it's just a happy case with one damaged computer from 7.
We saved some encrypted files for future use and see if any decryptor will help, but it will be at least 6 months until one will be public.
Thank you