A critical vulnerability is discovered in Rivest Cipher 4 software stream cipher. In cryptography, RC4 is one of the most used software-based stream ciphers in the world. The cipher is included in popular Internet protocols such as Transport Layer Security (TLS). It is a very simple cipher when compared to competing algorithms of the same […]

Read More →

SecPod Research Team member (Antu Sanadi) has found a Denial Of Service Vulnerability in Oxide Webserver. The vulnerability is caused by an error in handling some crafted characters in HTTP GET requests, which allows remote attackers to crash the service. More information can be found here. Welcome any feedback or suggestion. Cheers! SecPod Research Team

Read More →

SecPod Research Team member (Prabhu S Angadi) has found Multiple Cross Site Scripting Vulnerabilities in GoAhead WebServer. The vulnerability is caused by improper validation of input to ‘name’ & ‘address’ parameters in /goform/formTest page. This may allow an attacker to steal cookie-based authentication credentials or inject arbitrary HTML code and launch further attacks. More information […]

Read More →