SOTTO ATTACCO?
POSSIAMO AIUTARTI

Security Advisory: Solar-Log (CVE-2022-47767)

Tinexta Cyber ha scoperto una backdoor nei dispositivi di monitoraggio fotovoltaico (PV) di Solar-Log GmbH con un impatto su migliaia di clienti. La backdoor consente, in maniera non autenticata, di accedere da remoto alle funzionalità di super admin nell’area riservata del dispositivo.

Security Advisory: Docebo Community Edition <= 4.0.5 (CVE-2022-31361, CVE-2022-31362)

Product description Tinexta Cyber Offensive Security Team has identified multiple vulnerabilities on Docebo Community Edition 4.0.5, an open source e-learning platform also defined as Learning Management System. Technical summary Tinexta Cyber’s Cyber Security Team discovered important vulnerabilities on Docebo CE <= v.4.0.5 Vulnerability CVSS 3.1 Docebo CE <= 4.0.5 – SQL Injection (unauthenticated) 8.6 – High[AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L] […]

Security Advisory: Libnmap <= 0.7.2

Tinexta Cyber Offensive Security Team has identified a severe vulnerability on the python-libnmap Python library (https://pypi.org/project/python-libnmap/).

Security Advisory: Forma LMS (CVE-2022-27104)

Unauthenticated SQL Injection in forma Lms <= 1.4.3 Il Cyber Security Team di Tinexta Cyber ha identificato una vulnerabilità sulle risorse digitali di Forma LMS. Forma Lms Forma Lms è la naturale evoluzione, o un “fork”, dell’ultima versione open source della piattaforma LMS Docebo. Forma Lms è una piattaforma e-learning open source, orientata alle esigenze aziendali: […]

Security Advisory: Emerson – Dixell XWEB-500 Multiple Vulnerabilities (CVE-2021-45420)

1.Technical Summary Tinexta Cyber Offensive Security Team detected some important potential vulnerabilities on: Detected vulnerabilities were: Vulnerability Assets CVSSv3 Severity Arbitrary File Write http://<target>/cgi-bin/logo_extra_upload.cgihttp://<target>/cgi-bin/cal_save.cgihttp://<target>/cgi-bin/lo_utils.cgi 7.5 HIGH Directory Listing http://<target>/cgi-bin/lo_utils.cgi 5.3 MEDIUM In the following section we are reporting some technical details on these vulnerabilities including evidences and proof-of-concepts. 2.Vulnerability details Arbitrary File Write CWE-73: External Control […]

Cyber Incident Emergency Contact

Contact us for immediate support

Abilita JavaScript nel browser per completare questo modulo.
Accettazione GDPR