EUVD-2026-34147

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

Exploit for Path Traversal in Icinga Icinga_Web_2

Icinga Web 2 - Authenticated Remote Code Execution 2.8.6, 2.9...

SmartRG Router 2.6.13 Remote Code Execution Exploit

Exploit Title: SmartRG Router - Remote Code Execution Exploit Author: Yerodin Richards Vendor Homepage: https://adtran.com Version: 2.5.15 / 2.6.13 confirmed Tested on: SR506n 2.5.15 & SR510n 2.6.13 CVE : CVE-2022-37661 import requests from subprocess import Popen, PIPE routerhost =...

Hasura GraphQL 1.3.3 - Denial of Service Exploit

Exploit Title: Hasura GraphQL 1.3.3 - Denial of Service Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Author: Dolev Farhi Tested on: Ubuntu import sys import requests import threading HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPORT = 8...

Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF) Exploit

Exploit Title: Hasura GraphQL 1.3.3 - Service Side Request Forgery SSRF Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Tested on: Ubuntu import requests HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPORT = 80...

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit

Exploit for hardware platform in category dos / poc Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service PoC Author: Cakes Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Home/detail/id/74.html Tested Version: RTK 2.1.1 Tested on OS: Kal...

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)

Linux/ARM - Reverse TCP 192.168.1.1:4444/TCP Shell /bin/sh + Password MyPasswd + Null-Free Shellcode 156 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - Password Protected Reverse Shell TCP /bin/sh. Null free shellcode 156 bytes Date: 2018-01-15 Tested: armv7l Raspberry Pi v3 Autho...

TP-LINK TD-W8151N Denial Of Service

Exploit Title: TP-LINK TD-W8151N - Denial of Service Date: 2016-12-13 Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Home : http://persian-team.ir/ Tested on: Windows AND Linux Demo : https://www.youtube.com/watch?v=WrGgHvhiCGg POC : flagFresh Parameter Vulnerable POST...

TP-LINK TD-W8151N - Denial of Service Vulnerability

Exploit for hardware platform in category dos / poc Exploit Title: TP-LINK TD-W8151N - Denial of Service Date: 2016-12-13 Discovered by : Mojtaba MobhaM Home : http://persian-team.ir/ Tested on: Windows AND Linux Demo : https://www.youtube.com/watch?v=WrGgHvhiCGg POC : flagFresh Parameter...

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Exploit Title : Shuttle Tech ADSL WIRELESS 920 WM - Multiple Vulnerabilities Version: Gan9.8U6X-B-TW-R1B0201T1RP Exploit Author : Persian Hack Team Tested on Win Date 2016/12/05 1. Cross Site Scripting PoC : First We Need To login To Panel And page Parameter Vulnerable to Cross Site Scripting...

hnap-info NSE Script

Retrieve hardwares details and configuration information utilizing HNAP, the "Home Network Administration Protocol". It is an HTTP-Simple Object Access Protocol SOAP-based protocol which allows for remote topology discovery, configuration, and management of devices routers, cameras, PCs, NAS, etc...

ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities

No description provided by source. Exploit Title: ZTE ZXDSL 831IIV7.5.0aZ29OV Multiple vulnerabilities Date: 28 / 10 / 2011 . Authors: Mehdi Boukazoula ; Ibrahim Debeche . Software Link with patch : Version: v 831IIV7.5.0aZ29OV Tested on: v 831IIV7.5.0aZ29OV, May Affect all ZTE routers !!...

Sagem [email protected] 3304-V2 Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Title : Sagem email protected 3304-V2 Authentification Bypass Vendor : http://www.sagemcom.com Severity : High Tested on : Firefox, Google Chrome, Internet Explorer Tested Router : Sagem email protected 3304-V2 3304, 3464, 3504 may also b...

Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)

Exploit for windows platform in category web applications On one machine Windows Server 2003, install a new instance of AMS with these configurations 1. Primary Domain: hack.local 2. Enable the WebMail Service 3. Domain Name: hack.local 4. Add a User and set Password. In this case I created a use...

Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Teracom Modem Stored XSS Vulnerability Date: 19-01-2014 Author: Rakesh S Software Link: http://www.teracom.in/ Version: T2-B-Gawv1.4U10Y-BI Tested on: Windows 7 Code : GET...

ONO Hitron CDE-30364 Router Denial Of Service

!/usr/bin/python ----------------------------------------------------------------------------------------- Description: ----------------------------------------------------------------------------------------- Hitron Technologies CDE-30364 is a famous ONO Router. The Hitron Technologies CDE-30364...

Router ONO Hitron CDE-30364 - CSRF Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Router ONO Hitron CDE-30364 - CSRF Vulnerability Date: 14-9-2013 Exploit Author: Matias Mingorance Svensson - matias.msatowasp.org Vendor Homepage:...

Bifrost 1.2d - Remote Buffer Overflow Vulnerability

Exploit for windows platform in category remote exploits !/usr/bin/python2.7 By : Mohamed Clay import socket from time import sleep from itertools import izip, cycle import base64 import threading import sys def rc4cryptdata, key: x = 0 box = range256 for i in range256: x = x + boxi + ordkeyi %...

Zyxel NBG5715 Local admin privileges bypass Vulnerability

Exploit for linux/mips platform in category local exploits ================================================================================================== | | | | / || '|\ \ /\ / /\ / /| '|\ \ /\ / /\ / /| '|\ \ /\ / /\ / / | | || | \ V V / Vendor: ZyXEL Products Affected: NBG5715...

D-Link DSL-2740B Authentication Bypass

+------------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : D-Link DSL-2740B ADSL Router Authentication Bypass Date : 10-02-2013 Author : Ivano Binetti http://ivanobinetti.com Vendor site :...