Blog

Hard-Coded Administrator Password Discovered in OpsRamp Gateway

Version Tested: 3.0.0 Product: https://www.opsramp.com/ CVE Numbers: CVE-2020-11543 CVSS Score: 10.0 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CWE: CWE-798: Use of Hard-coded Credentials OWASP: https://owasp.org/www-community/vulnerabilities/Use_of_hard-coded_password Summary: During a recent penetration test, CyberOne's TEAMARES researchers discovered that OpsRamp Gateway


Vulnerabilities Discovered in CIPAce Enterprise Platform

Versions Tested: CIPAce Version < 6.80 Build 2016031401; CIPAce Version < 9.1 Build 2019092801 Product: https://www.cipplanner.com/Products/CIPAce/Pages/CPMPlatform.aspx Security Advisories: N/A CVE Numbers: CVE-2020-11586 CVE-2020-11587 CVE-2020-11588 CVE-2020-11589 CVE-2020-11590 CVE-2020-11591 CVE-2020-11592 CVE-2020-11593


Regex Revelry

Regular Expressions (Regex) are used to identify strings that defy simple search terms, which infosec and technology professionals use for things like input validation, searching


Vulnerabilities Discovered in Tiff Server from AquaForest

Versions Tested: Tiff Server 4.0 Product: https://www.aquaforest.com/en/tiffserver.asp Security Advisories: N/A CVE Numbers: CVE-2020-9323 CVE-2020-9324 CVE-2020-9325 CVSS Score: Unauthenticated File and Directory Enumeration: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:W/RC:C Unauthenticated Arbitrary File
