112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges

2015-04-17 Pierre Kim
## Advisory Information Title: 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges Advisory URL: https://pierrekim.github.io/advisories/2015-iptime-0x00.txt.asc Date published: 2015-04-17 Vendors contacted: K

CVE-2014-7954 MTP path traversal vulnerability in Android

2015-04-17 Imre RAD
MTP path traversal vulnerability in Android 4.4 --- doSendObjectInfo() method of the MtpServer class implemented in frameworks/av/media/mtp/MtpServer.cpp does not validate the name parameter of the incoming MTP packet at all. It is possible to upload fi

CVE-2014-7951 adb backup archive path traversal file overwrite

2015-04-17 Imre RAD
ADB backup archive path traversal file overwrite Using adb one can create a backup of his/her Android device and store it on the PC. The backup archive is based on the tar file format. By modifying tar headers to contain ../../ like pattern

CVE-2014-7953 Android backup agent code execution

2015-04-17 Imre RAD
Android backup agent arbitrary code execution - The Android backup agent implementation was vulnerable to privilege escalation and race condition. An attacker with adb shell access could run arbitrary code as the system (1000) user (or any other valid pa