36 matches found
EUVD-2018-13041
Malware in sbrugna...
EUVD-2018-6443
Malware in sbrugna...
Inteno IOPSYS 3.16.4 Root Filesystem Access
Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...
Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)
Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...
Inteno IOPSYS Gateway - Improper Access Restrictions
Exploit Title: Inteno IOPSYS Gateway 3DES Key Extraction - Improper Access Restrictions Date: 2019-06-29 Exploit Author: Gerard Fuguet [email protected] Vendor Homepage: https://www.intenogroup.com/ Version: EG200-WU7P1UADAMO3.16.4-1902261650 Fixed Version: EG200-WU7P1UADAMO3.16.8-1908200937...
Inteno IOPSYS Gateway - Improper Access Restrictions
Inteno IOPSYS Gateway - Improper Access Restrictions Exploit Title: Inteno IOPSYS Gateway 3DES Key Extraction - Improper Access Restrictions Date: 2019-06-29 Exploit Author: Gerard Fuguet [email protected] Vendor Homepage: https://www.intenogroup.com/ Version: EG200-WU7P1UADAMO3.16.4-1902261650...
Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
Exploit Title: Inteno IOPSYS Gateway 3DES Key Extraction - Improper Access Restrictions Date: 2019-06-29 Exploit Author: Gerard Fuguet [email protected] Vendor Homepage: https://www.intenogroup.com/ Version: EG200-WU7P1UADAMO3.16.4-1902261650 Fixed Version: EG200-WU7P1UADAMO3.16.8-1908200937...
CVE-2018-20487
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are...
CVE-2018-20487
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are...
Design/Logic Flaw
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are...
CVE-2018-20487
This CVE affects the firewall3 component of Inteno IOPSYS 1.0–3.16. A JSON-RPC call to add a firewall rule as an “include” can point the path to a malicious script/binary, which is executed as root when changes are committed. Affected software: Inteno IOPSYS firewall3. Root-level impact: arbitrar...
CVE-2018-20487
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are...
CVE-2018-14533
readtmp and writetmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp...
Design/Logic Flaw
readtmp and writetmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp...
CVE-2018-14533
readtmp and writetmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp...
CVE-2018-14533
CVE-2018-14533 affects Inteno IOPSYS. The issue stems from read_tmp/write_tmp functions that let a local attacker escalate privileges by writing to /tmp/etc/smb.conf because /var is a symlink to /tmp. Public references describe an exploit path; exploitation status is not provided in the documents...
Inteno IOPSYS - (Authenticated) Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/usr/bin/python import json import sys import subprocess import socket import os from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" re...
Inteno’s IOPSYS - (Authenticated) Local Privilege Escalation
!/usr/bin/python import json import sys import subprocess import socket import os from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" req = json.dumps"jsonrpc":"2.0","method":"call",...
Inteno’s IOPSYS - (Authenticated) Local Privilege Escalation
Inteno’s IOPSYS - Authenticated Local Privilege Escalation !/usr/bin/python import json import sys import subprocess import socket import os from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-jso...
Inteno IOPSYS p910nd Arbitrary File Read Vulnerability
Inteno IOPSYS is a suite of open service delivery platforms from Inteno Broadband Technologies in Sweden. The platform consists of a gateway operating system, a home portal, and a variety of software development kits. p910nd is one of the print daemons. A security vulnerability exists in p910nd o...