Advisories

Not only did @SinSinology Rick Roll the Ubiquity charger, he turned on the camera, which is normally disabled by the manufacturer. He’s off to the disclosure room to provide all the details. pic.twitter.com/rxUYHXVTQk

— Zero Day Initiative (@thezdi) January 26, 2024

• (Pwn2Own) Ubiquiti Networks EV Station setDebugPortEnabled Exposed Dangerous Method Remote Code Execution Vulnerability

• (Pwn2Own) Phoenix Contact CHARX SEC-3100 Filename Command Injection Remote Code Execution Vulnerability

• (Pwn2Own) Phoenix Contact CHARX SEC-3100 Missing Encryption Authentication Bypass Vulnerability

• (Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability

• Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability

• Progress Software WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability

• Progress Software WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability

• Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability

• Progress Software WhatsUp Gold InstallController Denial-of-Service Vulnerability

• Progress Software Telerik Reporting Register Authentication Bypass Vulnerability

• Progress Software WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability

• Progress Software WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure Vulnerability

• Progress Software WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability

• Progress Software WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability

• Progress Software WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability

• Schneider Electric IGSS DashFiles Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2023-3001)

• Schneider Electric IGSS UpdateService Exposed Dangerous Method Local Privilege Escalation Vulnerability (CVE-2023-3001)

• Schneider Electric EcoStruxure Power Monitoring Expert GetFilteredSinkProvider Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2023-5391)

• Schneider Electric Easergy Studio InitializeChannel Deserialization of Untrusted Data Local Privilege Escalation Vulnerability (CVE-2023-7032)

• D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability (CVE-2023-51629)

• D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-51628)

• D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-51627)

• D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-51626)

• D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability (CVE-2023-51625)

• CODESYS Development System Improper Enforcement of Message Integrity Remote Code Execution Vulnerability (CVE-2023-3663)

• CODESYS Development System Exposure of Resource to Wrong Sphere Local Privilege Escalation Vulnerability (CVE-2023-3670)

• (Pwn2Own) Lexmark CX331adwe Missing Authentication Remote Code Execution Vulnerability / Remote Code Execution (CVE-2023-50737)

• Hewlett Packard Enterprise OneView Backup Hard-coded Cryptographic Key Remote Code Execution Vulnerability / Remote Code Execution (CVE-2023-30912)

• Hewlett Packard Enterprise OneView resetAdminPassword Authentication Bypass Vulnerability / Remote Code Execution (CVE-2023-30908)

• SolarWinds ARM Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2023-35182)

• SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability (CVE-2023-35185)

• SolarWinds Access Rights Manager Directory Traversal Remote Code Execution Vulnerability (CVE-2023-35187)

• VMware Aria Operations for Networks (Formerly vRealize Network Insight) Deserialization Vulnerability (CVE-2023-20888)

• VMware Aria Operations for Networks (Formerly vRealize Network Insight) Information Disclosure Vulnerability (CVE-2023-20889)

• Ubiquiti UI Desktop Local Privilege Escalation ( CVE-2023-28122)

• Ubiquiti UI Desktop Local Privilege Escalation (CVE-2023-28123)

• Ubiquiti UI Desktop Local Privilege Escalation (CVE-2023-28124)

• D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability (CVE-2023-50217)

• D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability (CVE-2023-50216)

• D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability (CVE-2023-50215)

• D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability (CVE-2023-50214)

• D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability (CVE-2023-50213)

• D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability (CVE-2023-50212)

• D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-50211)

• D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-50210)

• D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-50209)

• D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVE-2023-50208)

• D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability (CVE-2023-50207)

• D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability (CVE-2023-50206)

• D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability (CVE-2023-50205)

• D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability (CVE-2023-50204)

• D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability (CVE-2023-50203)

• D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability (CVE-2023-50202)

• D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability (CVE-2023-50201)

• D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability (CVE-2023-50200)

• D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability (CVE-2023-50199)
• D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability (CVE-2023-50198)
• VMware Cloud Foundation (NSX-V) XML External Entity (XXE) Bulnerability (CVE-2022-31678)
• VMware Cloud Foundation (NSX-V) Remote Code Execution Vulnerability (CVE-2021-39144)