CVE-2012-5968

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network...

CVE-2024-6198

The CVE-2024-6198 entry concerns Viasat modems exposing a web interface on ports 3030 and 9882, served by lighttpd implementing the SNORE interface. The vulnerability is a stack buffer overflow caused by insecure path parsing, exploitable by a specially crafted HTTP request from a LAN network int...

Ligolo - Reverse Tunneling Made Easy For Pentesters, By Pentesters

Ligolo is a simple and lightweight tool for establishing SOCKS5 or TCP tunnels from a reverse connection in complete safety TLS certificate with elliptical curve. It is comparable to Meterpreter with Autoroute + Socks4a , but more stable and faster. Use case You compromised a Windows / Linux / Ma...

Decentralized Peer to Peer File Sharing: iWant

A command-line tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easy discovery of files : As easy as searching for something in Google. File download from...

Samsung Windows Laptop Owners Urged To Download Fix To MitM Vulnerability

Samsung laptop owners are being urged to update their Windows PCs after the discovery of a vulnerability that can allow remote attackers to download files onto a targeted system and gain complete control over the laptop. The flaw is tied to a feature called “Samsung SW Update Tool 2.2.5.16”...

CVE-2012-5968

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network...

Design/Logic Flaw

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network...

CVE-2012-5968

The CVE-2012-5968 issue affects Huawei E585 devices where admin session status is not validated, enabling a LAN-adjacent attacker to obtain user data and session IDs and modify data. The advisory notes remediation via vendor updates Huawei-SA-20121124-1-E585 and Huawei-SA-20121203-1-E585; exploit...

CVE-2012-5968

The Huawei E585 device does not validate the status of admin sessions, which allows remote attackers to obtain sensitive user information and the session ID, and modify data, by leveraging access to the LAN network...

Huawei HG510 CSRF, Auth Bypass, DoS

Hello, Huawei HG510 is a device offered by the Serbian telecom operator, to provide ADSL Internet connection. Administration of settings on this device is allowed only from local LAN network but not only from private IP address eg 192.168.1.1 then You can access with public IP address only from...