Author: Cyberthreat Blog

An information-leakage issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. There is a page in the web interface that will show you the device’s serial number, regardless of...

An issue was discovered on Mimosa Client Radios before 2.2.3. In the device’s web interface, there is a page that allows an attacker to use an unsanitized GET parameter to download files from the device as the root user....

Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor). This account can be accessed via both the web interface and SSH....

import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.

In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.