CVE-2017-9495
https://notcve.org/view.php?id=CVE-2017-9495
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script. El firmware Comcast en los dispositivos Motorola MX011ANM (versión de firmware MX011AN_2.9p6s1_PROD_sey), permite a los atacantes físicamente cercanos leer archivos arbitrarios presionando "EXIT, Down, Down, 2" en un control remoto RF4CE para llegar a la pantalla de diagnóstico y luego activar un script del Inspector Web Remoto. • https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-7936
https://notcve.org/view.php?id=CVE-2015-7936
Cross-site request forgery (CSRF) vulnerability in Motorola Solutions MOSCAD IP Gateway allows remote attackers to hijack the authentication of administrators for requests that modify a password. Vulnerabilidad de CSRF en Motorola Solutions MOSCAD IP Gateway permite a atacantes remotos secuestrar la autenticación de administradores para peticiones que modifican una contraseña. • http://www.securityfocus.com/bid/79624 https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2015-7935
https://notcve.org/view.php?id=CVE-2015-7935
Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. Motorola Solutions MOSCAD IP Gateway permite a atacantes remotos leer archivos arbitrarios a través de vectores no especificados. • http://www.securityfocus.com/bid/79624 https://ics-cert.us-cert.gov/advisories/ICSA-15-351-02 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1496 – Motorola Scanner SDK ScannerService.exe Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2015-1496
Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors. Motorola Scanner SDK utiliza permisos débiles para (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, y (3) ScannerService.exe, lo que permite a usuarios locales ganar privilegios a través de vectores no especificados. This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the file permissions (ACLs) on an installed directory. ScannerService.exe is vulnerable to tampering by all users. • http://www.zerodayinitiative.com/advisories/ZDI-15-035 http://www.zerodayinitiative.com/advisories/ZDI-15-036 http://www.zerodayinitiative.com/advisories/ZDI-15-037 https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-1495 – Motorola Scanner SDK OPOSScale.ocx Open Method Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1495
Multiple stack-based buffer overflows in Motorola Scanner SDK allow remote attackers to execute arbitrary code via a crafted string to the Open method in (1) IOPOSScanner.ocx or (2) IOPOSScale.ocx. Múltiples desbordamientos de buffer basado en pila en Motorola Scanner SDK permiten a atacantes remotos ejecutar código arbitrario a través de una cadena manipulada en el método Open en (1) IOPOSScanner.ocx o (2) IOPOSScale.ocx. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Motorola Scanner SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the IOPOSScale Open method which performs an unbounded string copy operation into a fixed-length stack buffer using attacker-supplied input. A remote attacker can leverage this to execute arbitrary code under the context of the browser process. • http://www.zerodayinitiative.com/advisories/ZDI-15-033 http://www.zerodayinitiative.com/advisories/ZDI-15-034 https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •