Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)

Summary:   A critical advisory was released by Palo Alto Networks for PAN-OS. PAN OS is the software that runs all Palo Alto Networks next-generation firewalls.   Advisory Link:   Description:   Authentication Bypass vulnerability was found in SAML(Security Assertion Markup Language) Authentication. An unauthenticated network-based attacker can access protected resources due to improper verification of signatures in PAN-OS SAML authentication.    SAML Workflow  SAML … Continue reading “Palo Alto Networks PAN-OS:Authentication Bypass in SAML Authentication Vulnerability(PAN-148988)”

Saltstack multiple Vulnerabilities (CVE-2020-11651, CVE-2020-11652)

Summary: Amidst the global Pandemic, a serious hacking campaign is currently underway, and several companies have been hacked already., that stands in Fortune 500 companies. For the past 24 hours, hackers have been mass-scanning the internet for Salt, a type of software used as configuration management inside data centers, cloud server clusters, and enterprise networks. … Continue reading “Saltstack multiple Vulnerabilities (CVE-2020-11651, CVE-2020-11652)”

OpenBSD Authentication Bypass Vulnerability

 Summary: Qualys researchers discovered an authentication-bypass vulnerability (CVE-2019-19521) in OpenBSD’s authentication system.   An attacker can exploit this issue by sending a specially-crafted username to bypass OpenBSD’s authentication. This vulnerability is remotely exploitable.   Vulnerability: OpenBSD uses BSD Authentication, which is made up of a variety of authentication styles. The vulnerability is composed of 2 following … Continue reading “OpenBSD Authentication Bypass Vulnerability”

Authentication bypass in libssh server : CVE-2018-10933

libssh is open source framework in C that implements SSHv2 protocol. Users can execute programs remotely, transfer files, build secure tunnels etc. An authentication bypass vulnerability was found in the server side implementation of libssh.  All version of libssh from 0.6 and above are vulnerable. CVE-2018-10933 has been assigned to track this issue. The vulnerability … Continue reading “Authentication bypass in libssh server : CVE-2018-10933”

IBM QRadar Authentication Bypass: CVE-2018-1418

Multiple vulnerabilities in IBM QRadar have been disclosed. Upon successful exploitation an attacker can bypass authentication and achieve remote code execution. CVE-2018-1418 has been assigned to track this vulnerability. IBM Qradar is an SIEM tool used to detect and analyze security anomalies. The issue affects QRadar SIEM 7.3.0 to 7.3.1 Patch 2 and 7.2.0 to 7.2.8 … Continue reading “IBM QRadar Authentication Bypass: CVE-2018-1418”

PAN-OS Remote Root Code Execution : CVE-2017-15944

A remote code execution vulnerability has been discovered in the PAN-OS. The vulnerability has been assigned CVE-2017-15944. By exploiting this vulnerability an attacker can achieve arbitrary code execution in root context. The target is the web based management interface provided by the device for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, … Continue reading “PAN-OS Remote Root Code Execution : CVE-2017-15944”

Netgear D6000/D3600 Hard-Coded Cryptographic keys and Auth Bypass

While doing firmware analysis for ThreatPROTECT, I came across a firmware running on Netgear D3600 and D6000 series router. So I decided to analyse it because these models have been used in multiple countries. In this blog post, I am going to explain how did I found flaws, which pose a risk to the privacy … Continue reading “Netgear D6000/D3600 Hard-Coded Cryptographic keys and Auth Bypass”