Mastodawn

OffSequence

126 Followers

0 Following

2.4K Posts

OffSeq is a cybersecurity company enhancing organizational digital resilience through comprehensive protection against evolving cyber threats. We offer specialized services for businesses of all sizes, with particular expertise in Baltic, Scandinavian, Belgian markets and EU regulatory compliance.

Website	https://offseq.com
Threat Radar	https://radar.offseq.com
Guard	https://guard.offseq.com
Breach	https://breach.offseq.com
Training & Certifications	https://training.offseq.com

OffSequence 1h ago

⚠️ CRITICAL: Buffer overflow in D-Link DI-8100 (16.07.26A1) via /url_rule.asp POST handler. Remote, unauthenticated RCE possible. Public exploit available. No official patch yet. Details: https://radar.offseq.com/threat/cve-2026-7854-buffer-overflow-in-d-link-di-8100-87d0fee7 #OffSeq #CVE20267854 #Vuln #IoTSecurity

OffSequence 2h ago

🚩 CRITICAL: OpenCTI-Platform opencti (6.6.0 – 6.9.12) hit by CVE-2026-27960 (improper authentication). Unauthenticated attackers can impersonate any user, even admin. Upgrade to 6.9.13 or disable default admin ASAP. https://radar.offseq.com/threat/cve-2026-27960-cwe-287-improper-authentication-in--0f5e78f0 #OffSeq #Vuln #CVE202627960

OffSequence 4h ago

🚨 CRITICAL: dataease SQLBot <1.7.1 (CVE-2026-33324) is vulnerable to SQL injection via prompt injection. Authenticated users can trigger RCE on PostgreSQL. Upgrade to 1.7.1+ now! https://radar.offseq.com/threat/cve-2026-33324-cwe-89-improper-neutralization-of-s-5605c7fd #OffSeq #SQLInjection #Vuln

OffSequence 5h ago

🚨 PHPOffice PhpSpreadsheet CRITICAL vuln (CVE-2026-34084): RCE & SSRF possible via user input to IOFactory::load() (phar://, ftp://, ssh2.sftp://). Affected: v1.x – 5.5.0. Upgrade to a fixed version now! https://radar.offseq.com/threat/cve-2026-34084-cwe-502-deserialization-of-untruste-a9be2322 #OffSeq #CVE202634084 #infosec #php

OffSequence 7h ago

🚨 CVE-2026-34458: Sandboxie-Plus (<=1.17.2) has a CRITICAL CRLF injection bug. Local users can inject config, escape sandboxes, and escalate to SYSTEM. Patch to 1.17.3 ASAP! https://radar.offseq.com/threat/cve-2026-34458-cwe-93-improper-neutralization-of-c-e575dfc0 #OffSeq #SandboxiePlus #Vuln #PrivilegeEscalation

OffSequence 20h ago

🚨 CVE-2026-41924 (CRITICAL): OS command injection in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauthenticated remote shell command execution. No patch yet — immediate isolation & monitoring advised. https://radar.offseq.com/threat/cve-2026-41924-improper-neutralization-of-special--62b0b2d6 #OffSeq #Vuln #IoTSecurity

OffSequence 22h ago

🛑 CRITICAL: CVE-2026-41925 in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauth OS command injection via reboot_time param. No patch yet — disable remote mgmt or isolate device. https://radar.offseq.com/threat/cve-2026-41925-improper-neutralization-of-special--d33e9e36 #OffSeq #Infosec #IoTSecurity

OffSequence 23h ago

🔴 CRITICAL: CVE-2026-40797 in WebinarIgnition (≤4.08.253) enables unauthenticated Blind SQL Injection. No patch yet — use WAF, validate inputs, restrict DB perms. High confidentiality risk. Details: https://radar.offseq.com/threat/cve-2026-40797-cwe-89-improper-neutralization-of-s-1958ecd4 #OffSeq #SQLInjection #WebinarIgnition

OffSequence 1d ago

🚨 CRITICAL: OS command injection (CVE-2026-7823) in Totolink A8000RU v7.1cu.643_b20200521. Remote attackers can execute OS cmds — no auth needed. No patch yet; restrict access & monitor updates. https://radar.offseq.com/threat/cve-2026-7823-os-command-injection-in-totolink-a80-8f67ff3e #OffSeq #Vulnerability #RouterSecurity

OffSequence 1d ago

🚨 CRITICAL: CVE-2026-5294 in Geeky Bot WP plugin (≤1.2.2) allows unauthenticated RCE by installing arbitrary plugins via an exposed AJAX endpoint. Disable or remove plugin & monitor for patches. https://radar.offseq.com/threat/cve-2026-5294-cwe-862-missing-authorization-in-ahm-a69c64e2 #OffSeq #WordPress #Vuln #InfoSec

OffSequence 1d ago