EXODUS BLOG

Advisories

Softaculous Webuzo Authentication Bypass

JULY 25, 2024
EIP-ce40b086 Softaculous Webuzo contains an authentication bypass vulnerability through the password reset functionality. Remote, anonymous attackers can exploit this vulnerability to gain full server access as the root user. Vulnerability Identifier Exodus Intelligence: EIP-ce40b086...
Read More

Softaculous Webuzo FTP Management Command Injection

JULY 25, 2024
EIP-4ab5e9b4 Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality. A remote, authenticated attacker can exploit this vulnerability to gain code execution on the system. Vulnerability Identifier Exodus Intelligence: EIP-4ab5e9b4 MITRE:...
Read More

Softaculous Webuzo Password Reset Command Injection

JULY 25, 2024
EIP-92dd8e27 Softaculous Webuzo contains a command injection in the password reset functionality. A remote, authenticated attacker can exploit this vulnerability to gain code execution on the system. Vulnerability Identifier Exodus Intelligence: EIP-92dd8e27 MITRE: CVE-2024-24622...
Read More

Motorola MR2600 Authentication Bypass Vulnerability

JANUARY 25, 2024
EIP-73ad9c0b An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information. Vulnerability Identifier Exodus Intelligence: EIP-73ad9c0b MITRE:...
Read More

Motorola MR2600 Arbitrary Firmware Upload Vulnerability

JANUARY 25, 2024
EIP-d52674b0 An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed. Vulnerability Identifier Exodus...
Read More
1 2 9