Jan 30 2025 5 mins 513
PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary]
https://isc.sans.edu/diary/PCAPs%20or%20It%20Didn%27t%20Happen%3A%20Exposing%20an%20Old%20Netgear%20Vulnerability%20Still%20Active%20in%202025%20%5BGuest%20Diary%5D/31638
RCE Vulnerablity in AI Development Platform Lightning AI
Noma Security discovered a neat remote code execution vulnerability in Lightning AI. This vulnerability is exploitable by tricking a logged in user into clicking a simple link.
https://noma.security/noma-research-discovers-rce-vulnerability-in-ai-development-platform-lightning-ai/
Canon Laser Printers and Small Office Multifunctional Printer Vulnerabilities
Canon fixed three different vulnerablities affecting various laser and small office multifunctional printers. These vulnerabilities may lead to remote code execution, and there are some interesting exploit opportunities
https://www.usa.canon.com/support/canon-product-advisories/service-notice-regarding-vulnerability-measure-against-buffer-overflow-for-laser-printers-and-small-office-multifunctional-printers
Deepseek ClickHouse Database Leak
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
