5 matches found
Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...
Metasploit Wrap-Up
New Olympic Discipline: Hive Hunting This week, community contributor Hakyac added a new Olympic discipline to Metasploit exploit sport category, which is based on the work of community security researchers @jonasLyk and Kevin Beaumont. The rules are simple: You need to abuse a flaw in Windows 10...
NETGEAR R7000 缓冲区溢出漏洞(CVE-2021-31802)
SSD Advisory – NETGEAR Nighthawk R7000 httpd PreAuth RCE April 26, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a vulnerability in NETGEAR R7000 allows an attacker to run arbitrary code without requiring authentication with the device. Vulnerability Summary A vulnerabilit...
CVE-2021-31802
creationtimestamp| type| source ---|---|--- 2021-04-27 06:39:32+00:00| published-proof-of-concept| https://t.me/cKure/5070 2021-04-28 10:59:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3231 2021-07-29 13:34:49+00:00| seen|...
CVE-2021-31802
NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...