Roteador Wireless Intelbras WRN150 Authentication Bypass

Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux, windows 7, 8.1, 10 For more info:...

CVE-2017-2551

Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download...

Design/Logic Flaw

Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download...

WordPress BackWPup plugin <=3.4.1 - Unrestricted Backup File Download

Unrestricted Backup File Download vulnerability found by Larry W. Cashdollar in WordPress BackWPup plugin versions =3.4.1. Backup files are stored insecurely and could be discovered by Google dork and exploited further even for brute-forcing. Solution Update the WordPress BackWPup plugin to the...

CVE-2017-2551

Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download...

DIGISOL DG-BG1100N ROM-0 Backup File Disclosure

Exploit Title : ROM-0 Backup File Disclosure on DIGISOL Date : 24-08-2017 Exploit Author : Sudin nk Vendor Homepage: http://www.digisol.com Tested Routers : DG-BG1100N ADSL 2/2+ Modem Wifi Router Tested on : Parrotsec x8664 ROM-0 Backup File Disclosure on DIGISOL A dangerous vulnerability present...

GLPI front/backup.php file arbitrary file deletion vulnerability

GLPI is an open source IT resource management suite maintained by the Indepnet Association. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A security vulnerability exists in the front/backup.php file in versions...

UBUNTU-CVE-2017-11183

front/backup.php in GLPI before 9.1.5 allows remote authenticated administrators to delete arbitrary files via a crafted file parameter...

LibTIFF - tif_dirwrite.c Denial of Service

LibTIFF - tifdirwrite.c Denial of Service Source: http://bugzilla.maptools.org/showbug.cgi?id=2712 Triggered by "./tiffset POC1" $ ./tiffset POC1 TIFFReadDirectory: Warning, Unknown field with tag 302 0x12e encountered. TIFFReadDirectory: Warning, Unknown field with tag 61961 0xf209 encountered...

CVE-2017-7317

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

Design/Logic Flaw

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

CVE-2017-7315

CVE-2017-7315 concerns Humax Digital HG100R devices (version 2.0.6). The vulnerability enables download of the backup file without authentication, and GatewaySettings.bin includes the router credentials in plaintext. This exposes sensitive credentials and configuration to an attacker who can obta...

CVE-2017-7315

An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's not necessary to use credentials, and the router credentials are stored in plaintext inside the backup, aka GatewaySettings.bin...

CVE-2017-7317

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root credentials in the backup file, aka GatewaySettings.bin...

Humax Digital HG100R Root Credentials Disclosure Vulnerability

The Humax Digital HG100R is a router from the Korean company Humax Digital. A security vulnerability exists in the Humax Digital HG100R version 2.0.6. The vulnerability can be exploited by an attacker to obtain the root certificate from a backup file...

Humax Digital HG100R 2.0.6 XSS / Information Disclosure

Humax Digital HG100R multiple vulnerabilities Device: Humax HG100R Software Version: VER 2.0.6 - Backup file download CVE-2017-7315 An issue was discovered on Humax Digital HG100R 2.0.6 devices, a modem commonly used by ISPs to provide ADSL internet service to household and small business users...

HUMAX Gateway Backup File Download Vulnerability

Humax HG100R devices are prone to a backup file download vulnerability. This file contains sensitive information which may lead to further attacks. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Humax HG100R 2.0.6 - Backup File Download Exploit

Exploit for hardware platform in category web applications coding: utf-8 Exploit Title: Humax Backup file download Date: 29/06/2017 Exploit Author: gambler Vendor Homepage: http://humaxdigital.com Version: VER 2.0.6 Tested on: OSX Linux CVE : CVE-2017-7315 import sys import base64 import shodan...

Humax HG100R 2.0.6 - Backup File Download

Humax HG100R 2.0.6 - Backup File Download coding: utf-8 Exploit Title: Humax Backup file download Date: 29/06/2017 Exploit Author: gambler Vendor Homepage: http://humaxdigital.com Version: VER 2.0.6 Tested on: OSX Linux CVE : CVE-2017-7315 import sys import base64 import shodan import requests...

Foscam camera Configuration Backup File Hardcoded Protection Vulnerability

Foscam camera is a webcam that pushes messages to your phone and also enables video Baidu cloud storage directly through WIFI. Foscam camera has a configuration backup file protected by hardcoding vulnerability, the encrypted Foscam device configuration file contains the administrator password, t...