84 matches found
EUVD-2017-7785
Malware in sbrugna...
EUVD-2017-7791
Malware in sbrugna...
📄 Turn off PC 1.0 Unauthenticated Remote System Control
Turn Off PC version 1.0 exposes an unsecured socket port 8081 allowing complete remote power control shutdown, restart, sleep without authentication, enabling system disruption attacks. Exploit Title: Turn Off PC 1.0 - Unauthenticated Remote System Control Shutdown/Restart/Sleep Date: 02/07/25...
📄 AnyCommand 1.2.7 Unauthenticated Live Desktop Stream Access
AnyCommand 1.2.7 exposes a live MJPEG screen stream at http://target:8081/stream without access control. Unauthenticated attackers can directly access and view the victim’s live screen feed without triggering any prompts or requiring a valid session. Exploit Title: AnyCommand 1.2.7 -...
CVE-2018-16710
OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the...
ChurchRota 2.6.4 - RCE (Authenticated)
Exploit Title: ChurchRota 2.6.4 - RCE Authenticated Date: 1/19/2021 Exploit Author: Rob McCarthy @slixperi Vendor Homepage: https://github.com/Little-Ben/ChurchRota Software Link: https://github.com/Little-Ben/ChurchRota Version: 2.6.4 Tested on: Ubuntu import requests from pwn import listen...
CVE-2018-17178
An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands sent to /bin/webserver on port 8081 if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though th...
CVE-2018-17176
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication always transmitted in cleartext can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all...
CVE-2018-17176
A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication always transmitted in cleartext can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all...
CVE-2018-16710
OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the...
PT-2018-13698 · Octoprint · Octoprint
Name of the Vulnerable Software and Affected Versions: OctoPrint versions 1.3.9 and earlier Description: The issue allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. The vendor disputes the significance of this report, citing their...
CVE-2017-9000
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. An...
CVE-2017-9000
ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. An...
CVE-2017-16606
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. Th...
CVE-2017-16605
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16604
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16606
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. Th...
CVE-2017-16605
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16601
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
CVE-2017-16598
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...