296 matches found
WK UDID v1.0.1 iOS - Command Inject Vulnerability
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2016-05-01 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
HooToo Tripmate HT-TM01 Cross Site Request Forgery
Exploit Title: HooToo Tripmate HT-TM01 Cross Site Request Forgery Date: 03Sep15 Exploit Author: Ken Smith Contact: https://twitter.com/P4tchw0rk Vendor Homepage: http://www.hootoo.com Version: HT-TM01, version 2.000.022 1. Description Various functions in the device's admin web portal are...
UDID+ v2.5 iOS - Mail Command Inject Vulnerability
Document Title: =============== UDID+ v2.5 iOS - Mail Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1542 Release Date: ============= 2015-07-06 Vulnerability Laboratory ID VL-ID: ==================================== 1542...
WK UDID v1.0.1 iOS - Command Injection Vulnerability
Exploit for iOS platform in category local exploits Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability Product & Service Introduction: =============================== This app offers the opportunity to read device-specific information from your iPhone, iPad or iPod...
WK UDID 1.0.1 iOS - Command Injection
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2015-07-01 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
FCS Scanner 1.0 / 1.4 Command Injection
Document Title: =============== FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1538 Release Date: ============= 2015-06-30 Vulnerability Laboratory ID VL-ID: ==================================== 153...
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability
Document Title: =============== FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1538 Release Date: ============= 2015-06-30 Vulnerability Laboratory ID VL-ID: ==================================== 153...
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability
Document Title: =============== FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1538 Release Date: ============= 2015-06-30 Vulnerability Laboratory ID VL-ID: ==================================== 153...
D-Link Devices HNAP SOAPAction-Header Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Devices HNAP SOAPAction-Header Command Execution', 'Description' = %q Different D-Link Routers are vulnerable to OS command...
D-Link DIR-645 Wired/Wireless Router OS Command Injection Vulnerability
The D-Link DIR-645 is an adjustable wireless transmit power router product from AUO D-Link. A security vulnerability exists in the D-Link DIR-645 Wired/Wireless Router Rev. Ax. A remote attacker can exploit this vulnerability to execute arbitrary code by performing a GetDeviceSettings operation o...
Cisco EPC3925 - Cross Site Request Forgery
Cisco EPC3925是美国思科(Cisco)公司的一款家用无线路由器设备。 Cisco EPC3925路由器中存在跨站请求伪造漏洞,该漏洞源于goform/Quicksetup URL没有正确验证请求。远程攻击者可借助Password和PasswordReEnter参数利用该漏洞更改密码。 Exploit Title: Cisco EPC3925 ? Cross Site Request Forgery Google Dork: N/A Date: 12-11-2013 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage:...
Cisco EPC3925跨站请求伪造漏洞
Cisco EPC3925是美国思科(Cisco)公司的一款家用无线路由器设备。 Cisco EPC3925路由器中存在跨站请求伪造漏洞,该漏洞源于goform/Quicksetup URL没有正确验证请求。远程攻击者可借助Password和PasswordReEnter参数利用该漏洞更改密码。 Exploit Title: Cisco EPC3925 � Cross Site Request Forgery Google Dork: N/A Date: 12-11-2013 Exploit Author: Jeroen - IT Nerdbox Vendor Homepage:...
Samsung DVR Firmware 1.10 - Authentication Bypass Vulnerability
Exploit for hardware platform in category web applications Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: email protected Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status...
Samsung DVR Authentication Bypass
Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that 1...
Huawei HG510 CSRF, Auth Bypass, DoS
Hello, Huawei HG510 is a device offered by the Serbian telecom operator, to provide ADSL Internet connection. Administration of settings on this device is allowed only from local LAN network but not only from private IP address eg 192.168.1.1 then You can access with public IP address only from...