Lucene search
K

67 matches found

Metasploit
Metasploit
added 2023/01/05 7:49 p.m.414 views

Linear eMerge E3-Series Access Controller Command Injection

This module exploits a command injection vulnerability in the Linear eMerge E3-Series Access Controller. The Linear eMerge E3 versions 1.00-06 and below are vulnerable to unauthenticated command injection in cardscandecoder.php via the No and door HTTP GET parameter. Successful exploitation resul...

10CVSS9.7AI score0.97136EPSS
Exploits16
ICS
ICS
added 2022/05/24 12:0 a.m.78 views

Matrikon OPC Server

1. EXECUTIVE SUMMARY CVSS v3 5.8 ATTENTION: Exploitable remotely Vendor: Matrikon, a subsidiary of Honeywell Equipment: Matrikon OPC Server Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve remote command...

9CVSS7.7AI score0.00619EPSS
Exploits0References5
ICS
ICS
added 2020/07/30 12:0 a.m.444 views

ICSA-20-212-02_Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2. UPDATE INFORMATION This updated advisory is a follow-up to the advisory update...

9.8CVSS9.3AI score0.00827EPSS
Exploits0References2
ICS
ICS
added 2019/12/03 12:0 a.m.57 views

Reliable Controls LicenseManager

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Reliable Controls Equipment: LicenseManager Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to crash the system, view sensitive...

7.8CVSS7.8AI score0.004EPSS
Exploits0References5
exploitpack
exploitpack
added 2019/11/13 12:0 a.m.75 views

Linear eMerge E3 1.00-06 - Remote Code Execution

Linear eMerge E3 1.00-06 - Remote Code Execution Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a...

10CVSS0.4AI score0.97136EPSS
Exploits16
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.83 views

FlexAir Access Control 2.4.9api3 - Remote Code Execution

FlexAir Access Control 2.4.9api3 - Remote Code Execution Exploit Title: FlexAir Access Control 2.4.9api3 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

9CVSS0.5AI score0.1163EPSS
Exploits7
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.58 views

Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin)

Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Title: Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: history.pushState'', '', '/' input type="hidden"...

6.8CVSS0.8AI score0.04476EPSS
Exploits4
0day.today
0day.today
added 2019/11/12 12:0 a.m.110 views

Prima Access Control 2.3.35 - (HwName) Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

7.1AI score0.08256EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.45 views

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

3.5CVSS8.8AI score0.08256EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.50 views

CBAS-Web 19.0.0 - Remote Code Execution

CBAS-Web 19.0.0 - Remote Code Execution Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...

9CVSS7.5AI score0.02991EPSS
Exploits4
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.44 views

eMerge E3 1.00-06 - Remote Code Execution

eMerge E3 1.00-06 - Remote Code Execution Exploit Title: eMerge E3 1.00-06 - Remote Code Execution Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...

10CVSS9.8AI score0.97136EPSS
Exploits16
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.47 views

Prima Access Control 2.3.35 - Arbitrary File Upload

Prima Access Control 2.3.35 - Arbitrary File Upload Exploit Title: Prima Access Control 2.3.35 - Arbitrary File Upload Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

9CVSS0.5AI score0.1163EPSS
Exploits7
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.236 views

eMerge E3 Access Controller 4.6.07 - Remote Code Execution

eMerge E3 Access Controller 4.6.07 - Remote Code Execution Exploit Title: eMerge E3 Access Controller 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link:...

10CVSS0.3AI score0.23123EPSS
Exploits16
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.96 views

Nortek Linear eMerge E3 Access Control Cross Site Request Forgery

Nortek Linear eMerge E3 Access Control Cross-Site Request Forgery CVE: CVE-2019-7262 Advisory: https://applied-risk.com/resources/ar-2019-005 Discovered by Gjoko 'LiquidWorm' Krstic input type="hidden" name="DefaultFloorNo" valu...

6.8CVSS0.4AI score0.16278EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.97 views

Optergy BMS 2.0.3a Remote Root

!/usr/bin/env python Unauthenticated Remote Root Exploit in Optergy BMS Console Backdoor Affected version \n' sys.exit while True: challengeurl = 'http://'+sys.argv1+'/tools/ajax/ConsoleResult.html?get' try: req1 = requests.getchallengeurl getchallenge = json.loadsreq1.text challenge =...

10CVSS9.6AI score0.93384EPSS
Exploits7
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.44 views

CBAS-Web 19.0.0 - Username Enumeration

CBAS-Web 19.0.0 - Username Enumeration Exploit Title: CBAS-Web 19.0.0 - Username Enumeration Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...

5CVSS5.6AI score0.08489EPSS
Exploits4
0day.today
0day.today
added 2019/11/12 12:0 a.m.112 views

Optergy 2.3.0a - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Title: Optergy 2.3.0a - Remote Code Execution Author: LiquidWorm Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: =2.3.0a Advisory: https://applied-risk.com/resources/ar-2019-008 Paper:...

10CVSS0.29043EPSS
Exploits5
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.620 views

Linear eMerge E3 1.00-06 card_scan_decoder.php Command Injection

!/usr/bin/env python Linear eMerge E3 Unauthenticated Command Injection Remote Root Exploit Affected version: =1.00-06 via cardscandecoder.php CVE: CVE-2019-7256 Advisory: https://applied-risk.com/resources/ar-2019-005 Paper: https://applied-risk.com/resources/i-own-your-building-management-syste...

10CVSS0.2AI score0.97136EPSS
Exploits16
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.140 views

Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name

!/usr/bin/env python -- coding: utf8 -- Prima FlexAir Access Control 2.3.35 Database Backup Predictable Name Exploit Authentication Bypass Login with MD5 hash CVE: CVE-2019-7666, CVE-2019-7667 Advisory: https://applied-risk.com/resources/ar-2019-007 Paper:...

6.5CVSS9.3AI score0.1482EPSS
Exploits6
Packet Storm
Packet Storm
added 2019/11/12 12:0 a.m.444 views

Nortek Linear eMerge E3 Access Controller 1.00-06 SSH/FTP Remote Root

!/usr/bin/env python Nortek Linear eMerge E3 Access Controller SSH/FTP Remote Root Affected version: \n' sys.exit ip = sys.argv1 rshell = ssh'root', ip, password='davestyle', port=22 rshell.interactive...

10CVSS0.3AI score0.23123EPSS
Exploits17
Rows per page
Query Builder