all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-847: (Pwn2Own) Alpine Halo9 Missing Authentication Information Disclosure Vulnerability

Add to bookmarks
June 21, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2024-23962.

alpine attackers authentication cve cve-2024 cves cvss devices disclosure exploit information information disclosure information disclosure vulnerability missing pwn2own rating sensitive sensitive information vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-883: Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability 3 days, 11 hours ago | www.zerodayinitiative.com
arbitrary code attackers authentication code +14
ZDI-24-882: VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability 4 days, 11 hours ago | www.zerodayinitiative.com
attackers authentication cve cve-2024 +16
ZDI-24-840: (Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication buffer +25
ZDI-24-839: (Pwn2Own) Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cam +21
ZDI-24-838: (Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cam +23
ZDI-24-837: (Pwn2Own) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication buffer +24
ZDI-24-836: (Pwn2Own) Synology BC500 update_ntp_config Command Injection Remote Code Execution Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
arbitrary code attackers authentication cameras +16
ZDI-24-835: (Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
attackers authentication cameras cvss +11
ZDI-24-834: (Pwn2Own) Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability 1 week, 1 day ago | www.zerodayinitiative.com
attacker attackers cameras code +18

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Watch Officer and Operations Officer

@ Interclypse | Arlington, VA, US
View on infosec-jobs.com

Sales Development Representative

@ Devo | United States
View on infosec-jobs.com

Principal Software Engineer

@ Oracle | Seattle, WA, United States
View on infosec-jobs.com

Engineering Manager, Cloud - TDIR (Remote)

@ CrowdStrike | USA CA Remote
View on infosec-jobs.com

Linux System Administrator II

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

Linux System Administrator

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com