969 matches found
Linux Kernel 4.14.0-rc4+ - 'waitid()' Local Privilege Escalation
define GNUSOURCE include include include include include include include struct cred; struct taskstruct; typedef struct cred preparekernelcredt struct taskstruct daemon attributeregparm3; typedef int commitcredst struct cred new attributeregparm3; preparekernelcredt preparekernelcred; commitcreds...
CVE-2017-12579
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
Design/Logic Flaw
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
CVE-2017-12579
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass
Sources: https://alephsecurity.com/2017/08/30/untethered-initroot/ https://github.com/alephsecurity/initroot initroot: Motorola Bootloader Kernel Cmdline Injection Secure Boot & Device Locking Bypass CVE-2016-10277 By Roee Hay / Aleph Research, HCL Technologies Recap of the Vulnerability and the...
Unspecified Vulnerability in Cisco DPC3939 Firmware
Cisco DPC3939 is a wireless voice gateway product from Cisco USA. A security vulnerability exists in the Cisco DPC3939 firmware. It allows an attacker to obtain the root shell of the gateway's Network Processor Atom Linux instance...
Barracuda WAF V360 Firmware 8.0.1.014 Early Boot Root Shell
KL-001-2017-010 : Barracuda WAF Early Boot Root Shell Title: Barracuda WAF Early Boot Root Shell Advisory ID: KL-001-2017-010 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-010.txt 1. Vulnerability Details Affected Vendor: Barracuda Affect...
Vulnerabilities in VIVOTEK Network Cameras IB8369, FD8164 and FD816BA
VIVOTEK Network Cameras IB8369, FD8164 and FD816BA are network camera products from VIVOTEK, China. A security vulnerability exists in the /cgi-bin/admin/testserver.cgi file of the Web services in VIVOTEK Network Cameras IB8369, FD8164 and FD816BA. The vulnerability can be exploited to execute...
Trend Micro InterScan Web Security Arbitrary Command Execution Vulnerability
Trend Micro InterScan Web Security is a Web security gateway that provides dynamic, integrated security for enterprise networks against Web-based threats. An arbitrary command execution vulnerability exists in Trend Micro InterScan Web Security. Port settings are not handled correctly due to SSH...
Motorola G4 & G5 mobile phone was traced to the presence of high-risk kernel command line injection vulnerability-vulnerability warning-the black bar safety net
In a previous article about the Nexus6 root vulnerability in the article, we had mentioned Vulnerability CVE-2016-10277 will likely affect the Motorola device. When we on Twitter by some of the relevant reports after the fact to prove our previous conjecture. In order to prove that Motorola devic...
Unspecified Vulnerability in Mimosa Client Radios and Mimosa Backhaul Radios (CNVD-2017-08182)
Mimosa Client Radios and Mimosa Backhaul Radios are both products of Mimosa Networks, Inc.Mimosa Client Radios is a hypervisor for the client devices of the Mimosa multipoint solution.Mimosa Backhaul Radios is Mimosa Backhaul Radios is a management program for broadband backhaul devices. A securi...
CVE-2017-9133
An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. In the device's web interface, after logging in, there is a page that allows you to ping other hosts from the device and view the results. The user is allowed to specify which host to ping, but...
CVE-2017-9135
An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. On the backend of the device's web interface, there are some diagnostic tests available that are not displayed on the webpage; these are only accessible by crafting a POST request with a program...
Exploit for CVE-2016-6662
CVE-2016-6662 From SQL inj...
Huawei HG532n - Command Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...
Huawei HG532n Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used her...
Huawei HG532n Command Injection
This module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose...
GNS3 Mac OS-X 1.5.2 - ubridge Local Privilege Escalation
GNS3 Mac OS-X 1.5.2 - ubridge Local Privilege Escalation !/bin/sh GNS-3 Mac OS-X LPE local root exploit ===================================== GNS-3 on OS-X bundles the "ubridge" binary as a setuid root file. This file can be used to read arbitary files using "-f" arguement but also as it runs as...
Proxifier for Mac 2.17 / 2.18 - Privelege Escalation Exploit
Exploit for macOS platform in category local exploits Source: https://m4.rkw.io/blog/cve20177643-local-root-privesc-in-proxifier-for-mac--218.html Proxifier 2.18 also 2.17 and possibly some earlier version ships with a KLoader binary which it installs suid root the first time Proxifier is run. Th...
DblTekGoIPPwn - Tool to check if an IP of a DblTek GoIP is vulnerable to a challenge-response login system, execute remote commands botnet style, and generate responses to challenges
Tool to exploit challenge response system in vulnerable DblTek GoIP devices. Can generate responses to specified challenges, test hosts for the vulnerability, run commands on vulnerable hosts, and drop into a root shell on any vulnerable host. The Vulnerability On March 2nd, 2017, Trustwave...