XikeStor SKS8310-8X 访问控制错误漏洞

The XikeStor SKS8310-8X is an Ethernet switch produced by the XikeStor company. Versions of XikeStor SKS8310-8X prior to 1.04.B07 contain a security vulnerability related to access control. This vulnerability stems from the absence of authentication at the /switchconfig.src endpoint, which may...

CVE-2021-47802

Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to /goform/getimage endpoint to download configuration data including admin credentials without...

EUVD-2021-26272

Malware in sbrugna...

PT-2024-34364

Name of the Vulnerable Software and Affected Versions: KDE Kmail versions prior to 6.2.0 Description: The issue allows man-in-the-middle attackers to trigger the use of an attacker-controlled mail server. This is because cleartext HTTP is used for retrieving configuration from URLs such as...

Cambium CnPilot R200/r201 Login Scanner And Config Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 Login Scanner and Config Dump', 'Description' = % This module scans for Cambium cnPilot r200/r201 management login...

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...

CVE-2024-31815

In TOTOLINK EX200 V4.0.3c.7314B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh...

CVE-2020-24215

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration with the cleartext admin password, and...

CVE-2013-1391

Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration...

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module exploits an unauthenticated configuration retrieval .NET remoting service in Numara / BMC Track-It! v9 to v11.X, which can be abused to retrieve the Domain Administrator and the SQL server user credentials. This module has been tested successfully on versions 11.3.0.355, 10.0.51.135,...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval

No description provided by source. !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpasswor...

CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending a crafted PO...

Broadcom PIPA C211 - Sensitive Information Disclosure

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending the followin...

Broadcom PIPA C211 - Sensitive Information Disclosure

Broadcom PIPA C211 - Sensitive Information Disclosure Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A...

Broadcom PIPA C211 Information Disclosure

Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending the followin...

General Electric D20 Password Recovery

The General Electric D20ME and possibly other units D200? feature TFTP readable configurations with plaintext passwords. This module retrieves the username, password, and authentication level list. This module requires Metasploit: https://metasploit.com/download Current source:...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Configuration

Exploit for cgi platform in category remote exploits =================================================================== Barracuda Networks Spam & Virus Firewall " echo "" exit; fi; curl http://$1:8000/cgi-mod/viewhelp.cgi?locale=/../../../../../../../mail/snapshot/config.snapshot%00 $1.config ls...

Barracuda Networks Spam &amp; Virus Firewall 4.1.1.021 - Remote Configuration Retrieval

!/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpassword Password for each configured...

Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval

Barracuda Networks Spam Virus Firewall 4.1.1.021 - Remote Configuration Retrieval !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the...

lexmark-config NSE Script

Retrieves configuration information from a Lexmark S300-S400 printer. The Lexmark S302 responds to the NTPRequest version probe with its configuration. The response decodes as mDNS, so the request was modified to resemble an mDNS request as close as possible. However, the port 9100/udp is listed ...