CVE-2020-36874 ACE SECURITY WIP-90113 Unauthenticated Configuration Disclosure

ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup may...

Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...

Netgear R7000 backup.cgi Heap Overflow RCE

This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of Netgear R7000 routers running firmware version 1.0.11.116. Successful exploitation results in unauthenticated attackers gaining code execution as the root user. The exploit utilizes these privileges to enable the teln...

CVE-2021-31802

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...

Heap overflow

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...

IPFire Firewall Web Interface Command Injection (CVE-2018-16232)

A command injection vulnerability exists in the web interface of IPFire firewall. The vulnerability is due to improper validation of user-supplied requests in the backup.cgi script. Successful exploitation could lead to arbitrary command injection as the nobody user...

IPFire Firewall Command Injection Vulnerability

IPFire Firewall is an open source Linux-based firewall system . A command injection vulnerability exists in the backup.cgi file in versions prior to IPFire Firewall 2.21 Core Update 124, which can be exploited by an attacker to execute arbitrary commands...

CVE-2018-16232

An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands...

Cobalt RaQ4 Administrative Interface backup.cgi Command Execution (EXTINCTSPINACH)

The Cobalt RaQ4 administrative interface running on the remote host is affected by a remote command execution vulnerability in the /cgi-bin/.cobalt/backup/backup.cgi script. An unauthenticated, remote attacker can exploit this to execute arbitrary commands. EXTINCTSPINACH is one of multiple...

CosmoShop ePRO 10.17.00 Authentication Bypass

Issue: Authentication-Bypass in CosmoShop ePRO V10.17.00 and lower, maybe higher Author: l0om http://l0om.org Date: 26.02.2013 Overview: Cosmoshop provides an admin backup-function which saves .htaccess protected MySQL dump files in a backup directory. This directory does only prevent HTTP...