Videos

Wed
17
Jun
Editorial_Staff_Team's picture

ZTE ZXV10 W300 v3.1.0c_DR0 - Remote Session Delete Vulnerability

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Configuration Vulnerability

A session vulnerability has been discovered in the official ZTE Corporation ZXV10 W300 v3.1.0c_DR0 modem hardware. The security vulnerability allows remote attackers to block/shutedown or delete network settings and components.

Fri
05
Jun
Editorial_Staff_Team's picture

1 Click Audio Software 2.3.6 (Video) - 2x ActiveX Buffer Overflow Vulnerabilities

1 Click Audio Software 2.3.6 (Video) - 2x ActiveX Buffer Overflow Vulnerabilities

Today the independent researcher metacom disclosed two issues in the dvdtools software 1click audio v2.3.6. The security vulnerability is located in the COM component in the SkinCrafter.dll. The independent security researcher demonstrates in two videos how to exploit the bug via activex component.

The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.1. Exploitation of the vulnerability requires a low privilege system user account and no user interaction. Successful exploitation of the vulnerability results in system compromise by elevation of privileges via overwrite of the registers.

Pages

Subscribe to RSS - Videos