Exploit for Use of Hard-coded Credentials in Tp-Link Tl-Wr845N_Firmware

Poc-CVE-2024-57040 CVE-2024-57040 is a security vulnerability...

CAREL Boss-Mini

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : CAREL Equipment : Boss-Mini Vulnerability : Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

OWASP Top 10 Deep Dive: Identification and Authentication Failures

In the 2021 edition of the OWASP top 10 list, Broken Authentication was changed to Identification and Authentication Failures. This term bundles in a number of existing items like cryptography failures, session fixation, default login credentials, and brute-forcing access. Additionally, this...

SeaWell Networks Spectrum - Multiple Vulnerabilities

SeaWell Networks Spectrum - Multiple Vulnerabilities Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282...

TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

Exploit for hardware platform in category web applications Vulnerability description: The domain name parameters of the "Parental Control" and "Access Control" features of the TP-Link TL-WR740N v4 FW-Ver. 3.16.6 Build 130529 Rel.47286n router are prone to arbitrary shell command execution as root...

WebTitan Default Credentials (ssh)

The account 'admin' is using a default password. A remote, unauthenticated attacker could exploit this to log in as a privileged user and gain access to the WebTitan configuration menu. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid76777; scriptversion"$Revision: 1....

On plesk virtual host to mention the right-vulnerability warning-the black bar safety net

This virtual machine in a foreign country relatively popular. Safety performance is also very high, where the next record to mention the right methods. 1. mysql adminthe original rootand the default passwordsetupdidn't change,by mysql to provide the right 2. Parallels Plesk Control Panel,in 8 8 8...

RhinoSoft Serv-U FTP Server 3.x 5.x - Local Privilege Escalation

RhinoSoft Serv-U FTP Server 3.x 5.x - Local Privilege Escalation / Hax0rcitos proudly presents Serv-u Local Exploit v3.x. tested also against last version 5.1.0.0 All Serv-u Versions have default Login/password for local Administration. This account is only available to connect in the loopback...