PT-2022-5814 · Dingtian · Dingtian Dt-R002

Name of the Vulnerable Software and Affected Versions: Dingtian DT-R002 2CH relay devices with firmware 3.1.276A Description: The issue is related to the relay cgi.cgi script on Dingtian DT-R002 2CH relay devices, which allows an attacker to replay HTTP post requests without the need for...

GoAhead file upload vulnerability

GoAhead is an open source small embedded web server from Embedthis Software, U.S. GoAhead is vulnerable to a file upload vulnerability that stems from incomplete filter processing in the file upload filter. An attacker could exploit this vulnerability to import untrusted environment variables int...

Visual Tools DVR VX16 4.2.28.0 Command Injection

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An unauthenticated remote attacker can...

Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated) Vulnerability

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An unauthenticated remote attacker can inject arbitrary...

Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)

Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. CVE: CVE-2021-42071 Reference:...

Stack overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the...

CVE-2021-27248

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the...

VulnCheck KEV: CVE-2013-1599

A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04US, DCS-2102/2121 1.05RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410...

MagazinegerZ vulnerable to cross-site scripting

Overview MagazinegerZ provided by CGI Script Market is a CGI script which provides a function to enable email newsletter distribution for a website. MagazinegerZ contains a stored cross-site scripting vulnerability CWE-79 which allows unintentional script execution on the web browser of the...

CVE-2020-28899

The Web CGI Script on ZyXEL LTE4506-M606 V1.00ABDO.2C0 devices does not require authentication, which allows remote unauthenticated attackers via crafted JSON action data to /cgi-bin/gui.cgi to use all features provided by the router. Examples: change the router password, retrieve the Wi-Fi...

SonicWall SSL-VPN 8.0.0.0 - 'visualdoor' Remote Code Execution (Unauthenticated)

Exploit Title: SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution Unauthenticated Exploit Author: Darren Martyn Vendor Homepage: https://www.home-assistant.io/ Version: SMA 8.0.0.4 Blog post: https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/...

Cisco UCS Manager 2.2(1d) Remote Command Execution

import sys, ssl, os, time import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning Exploit Title : Cisco UCS Manager - 2.21d - Remote Command Execution Description : An unspecified CGI script in Cisco...

Cisco UCS Manager 2.2(1d) - Remote Command Execution

Exploit Title: Cisco UCS Manager 2.21d - Remote Command Execution Description: An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System UCS Manager before 2.24b, 2.25 before 2.25a, and 3.0 before 3.02e allows remote attackers to execute...

CVE-2020-29656

An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dmapply.cgi?actionmode=initial&downloadtype=General&specialcgi=getlanguage makes it possible to reach "unknown functionality" in a "known to be easy" manner via an...

Authentication flaw

An issue was discovered on D-Link DSR-250N before 3.17B devices. The CGI script upgradeStatusReboot.cgi can be accessed without authentication. Any access reboots the device, rendering it therefore unusable for several minutes...

CVE-2020-26567

The CVE-2020-26567 issue affects D-Link DSR-250N devices (prior to version 3.17B). The CGI script upgradeStatusReboot.cgi can be accessed without authentication, and any access reboots the device, causing a DoS for several minutes. Publicly documented details come from multiple sources (Red Hat a...

D-Link DSR-250N 3.12 - Denial of Service (PoC)

Exploit Title: D-Link DSR-250N 3.12 - Denial of Service PoC Google Dork: N/A Author: RedTeam Pentesting GmbH Date: 2020-10-03 Exploit Author: Kiko Andreu kikoas1995 & Daniel Monzón stark0de Vendor Homepage: https://www.dlink.com Software Link:...

D-Link DSR-250N Denial Of Service

Advisory: Denial of Service in D-Link DSR-250N RedTeam Pentesting discovered a Denial-of-Service vulnerability in the D-Link DSR-250N device which allows unauthenticated attackers in the same local network to execute a CGI script which reboots the device. Details ======= Product: D-Link DSR-250N...

CVE-2020-13364

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21AASZ.4C0, V5.21AASZ.0C0, V5.11AASZ.3C0, and V5.11AASZ.0C0; NAS542 V5.11ABAG.0C0, V5.20ABAG.1C0, and V5.21ABAG.3C0; NSA325 v2V4.81AALS.0C0 and V4.81AAAJ.1C0; NSA310 4.22AFK.0C0 and...

CVE-2020-13364

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21AASZ.4C0, V5.21AASZ.0C0, V5.11AASZ.3C0, and V5.11AASZ.0C0; NAS542 V5.11ABAG.0C0, V5.20ABAG.1C0, and V5.21ABAG.3C0; NSA325 v2V4.81AALS.0C0 and V4.81AAAJ.1C0; NSA310 4.22AFK.0C0 and...