CVE-2021-27173

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0=calculatedBR0MAC backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server used for the CLI...

EUVD-2019-3017

Malware in sbrugna...

CVE-2021-27173

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculatedBR0MAC backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server used for the CLI...

Authentication flaw

An issue was discovered on FiberHome HG6245D devices through RP2613. There is a telnet?enable=0&key=calculatedBR0MAC backdoor API, without authentication, provided by the HTTP server. This will remove firewall rules and allow an attacker to reach the telnet server used for the CLI...

CVE-2019-11336

Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password used when the TV is acting as an access point by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886...

CVE-2019-11336

Summary (CVE-2019-11336) : Sony Bravia/Smart TV devices running the Photo Sharing Plus feature are vulnerable to an information-disclosure issue. The vulnerability allows remote attackers (within network range) to retrieve the TV’s static Wi‑Fi password used when the TV acts as an access point, v...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

Apple Mac OSX - 'Rootpipe' Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Mac OS X "Rootpipe" Privilege Escalation', 'Description' = %q This module exploits a hidden backdoor API in Apple's Admin framework ...

Apple OS X Rootpipe Privilege Escalation

This module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed "Rootpipe." This module was tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run...

Apple Mac OS X Rootpipe Hidden Backdoor API Patch

UPDATE: Apple patched the so-called Rootpipe backdoor in OS X, but only in current versions of Yosemite. According to the researcher who found the vulnerability, Apple told him that it would not backport the fix to 10.9.x and older. The vulnerability, located in the OS X Admin framework, was...

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure

Exploit for hardware platform in category web applications - Title: Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Remote Administration Password Disclosure - Author: Alberto Ortega @a0rtega [email protected] - Version: Tested on firmware version v2.0.0.30BES. Laboratory subject:...