CSRF

Pierluigi Paganini July 16, 2014
OpenVPN Desktop client affected by a critical CSRF flaw

Researchers at SEC Consult have discovered a CSRF vulnerability in the OpenVPN Desktop Client that can allow remote code execution. Security researchers at SEC Consult have discovered a CSRF flaw in the OpenVPN Desktop client and promptly reported it to the company in May. OpenVPN Desktop Client for its Access Server is an SSL VPN for a variety […]

Pierluigi Paganini January 31, 2014
Lack of auth in 3G/4G USB modems exposes control panels to hackers

Andreas Lindh has discovered serious vulnerabilities in an unknown number of 3G/4G USB modems that can be exploited by attackers for spear phishing attacks.  The researcher Andreas Lindh has discovered serious vulnerabilities in an unknown number of 3G and 4G USB modems that can be exploited by attackers to steal user’s credential. The expert has found a Cross Site […]