SQL injection in the backend API for SeTracker smartwatches of shenzhen sanjitongchuang electronic co. LTD
Area: Smart Watches
Criticality: high
Status: fixed
Published on 2024-09-18
Vulnerability Hub
The National Test Institute for Cybersecurity NTC regularly conducts independent and neutral security tests of networked infrastructures, devices and applications. Vulnerability disclosure ensures a relevant impact on society, and serves our commitment to Switzerland's security and digital sovereignty.
The Vulnerability Hub lists the most relevant vulnerabilities identified by the NTC, free and open. Further details about the products tested and the vulnerabilities identified may be provided on a case-by-case basis. Please use the contact form.
Please note that the following list is only a selection of NTC's work.
94 Results
List
Vulnerability
Area
Criticality
Status
Published on
Publicly exposed webshell on a webserver of shenzhen sanjitongchuang electronic co. LTD
Area: Smart Watches
Criticality: high
Status: fixed
Published on 2024-09-18
Hardcoded WebRTC credentials in a mobile app of an international baby monitor vendor
Area: Surveillance
Criticality: high
Status: fixed
Published on 2024-09-16
SQL injections in web applications of a Swiss health information center
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-08-28
Exposed admin panels of a Swiss e-health solutions provider's health databases
Area: Swiss Health Sector
Criticality: medium
Status: fixed
Published on 2024-08-22
SQL injections in web applications of a Swiss e-health solutions provider
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-08-14
Cross-App Scripting vulnerability in a mobile app of an international smart home device manufacturer
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-24
Misconfigured exported content provider in a Swiss emergency mobile app
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-23
Cross-App Scripting vulnerability in a Swiss emergency mobile app
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-23
Misconfigured exported activity in a Swiss emergency mobile app
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-23
Misconfigured webview in a Swiss emergency mobile app
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-23
Unsanitized deeplink in a Swiss emergency mobile app
Area: Other
Criticality: low
Status: fixed
Published on 2024-07-23
Exposed server information on military sport info page
Area: Other
Criticality: low
Status: fixed
Published on 2024-06-27
Cross-App Scripting vulnerability in the Microsoft Authentication Library for .NET
Area: Open Source
Criticality: low
Status: fixed
Published on 2024-06-25
Remote code execution through server-side template injection in Peering Manager
Area: Open Source
Criticality: high
Status: fixed
Published on 2024-06-25
Cross-site scripting on the router page in Peering Manager
Area: Open Source
Criticality: medium
Status: fixed
Published on 2024-06-25
Open redirection using the return_url parameter in Peering Manager
Area: Open Source
Criticality: low
Status: fixed
Published on 2024-06-25
Exposed backup file on a Swiss dental centre's development website
Area: Swiss Health Sector
Criticality: medium
Status: fixed
Published on 2024-06-20
Exposed work schedule website backup of a Swiss hospital group
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-06-20
Broken access control for the work schedule website of a Swiss hospital group
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-06-20
SQL injection in the work schedule website of a Swiss hospital group
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-06-20
Exposed Spring Boot Actuator in a web app of a Swiss insurance company
Area: Swiss Health Sector
Criticality: medium
Status: fixed
Published on 2024-06-20
Exposed website backup of a Swiss medical centre
Area: Swiss Health Sector
Criticality: medium
Status: fixed
Published on 2024-06-20
Exposed software binaries on the website of a Swiss software development company
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-06-20
Leaked ftp server credentials of a Swiss software development company
Area: Swiss Health Sector
Criticality: high
Status: fixed
Published on 2024-06-20