Day: July 7, 2020

Multiple vulnerabilities found in CDATA OLTs

By mootiny

Posted by Pierre Kim on Jul 07## Advisory Information

Title: Multiple vulnerabilities found in CDATA OLTs
Advisory URL:
Blog URL:
Date published: 2020-07-07
Vendors contacted: None
Release mode: Full-Disclosure
CVE: None yet assigned

## Product Description

The CDATA OLTs are OEM FTTH OLTs, sold under different brands (Cdata,… …

Four vulnerabilities found in MikroTik’s RouterOS

By mootiny

Posted by Q C on Jul 07Advisory: four vulnerabilities found in MikroTik's RouterOS


Product: MikroTik's RouterOS
Affected Versions: through stable 6.47
Fixed Versions: stable 6.47
Vendor URL:
Vendor Status: fixed version released
CVE: –
Credit: Qian Chen(@cq674350529) of Qihoo 360 Nirvan Team

Product Description

RouterOS is the operating system used on the MikroTik's devices, such as
switch,… …

Microsoft Windows mshta.exe HTA File / XML External Entity Injection

By mootiny

Posted by hyp3rlinx on Jul 07[+] Credits: John Page (aka hyp3rlinx)
[+] Website:
[+] Source:
[+] ISR: ApparitionSec


Windows MSHTA.EXE .HTA File

An HTML Application (HTA) is a Microsoft Windows program whose source
code consists of HTML, Dynamic HTML, and one or more… …

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

By mootiny

Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with…