13 matches found
EUVD-2017-16899
Malware in sbrugna...
Exploit for OS Command Injection in Control-Webpanel Webpanel
Docs Paper : https://docs.google.com/document/d/1rQ7e9i2AFzHbASf...
Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622 Improper Access Control (CVE-2017-7928)
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...
CVE-2017-7928
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...
Improper access control
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...
CVE-2017-7928
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...
CVE-2017-7928
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may...
CVE-2017-7928
The CVE-2017-7928 issue affects SEL-3620 and SEL-3622 Security Gateway devices (firmware R202, R203, R203-V1/V2, R204, R204-V1). Root cause: improper access control when NAT port forwarding is configured, potentially permitting unauthorized communications to downstream devices. Impact: could enab...
Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622
CVSS v3 7.2 ATTENTION: Remotely exploitable/Low skill level to exploit. Vendor: Schweitzer Engineering Laboratories, Inc. SEL Equipment: SEL-3620, SEL-3622 Vulnerability: Improper Access Control AFFECTED PRODUCTS The following versions of SEL-3620 and SEL-3622, an Ethernet Security Gateway, are...
Huawei HG532n - Command Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...
Huawei HG532n Command Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...
Huawei HG532n Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used her...
Huawei HG532n Command Injection
This module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose...