Linksys RE6500 1.0.11.001 Remote Code Execution

Exploit Title: Linksys RE6500 1.0.11.001 - Unauthenticated RCE Date: 31/07/2020 Exploit Author: RE-Solver Public disclosure: https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html4 Vendor Homepage: www.linksys.com Version: FW V1.05 up to FW v1.0.11.001 Tested on: F...

Command injection

Unsanitized user input in the web interface for Linksys WiFi extender products RE6400 and RE6300 through 1.2.04.022 allows for remote command execution. An attacker can access system OS configurations and commands that are not intended for use beyond the web UI...

Xen pygrub本地验证绕过漏洞

Bugraq ID: 36523 Xen是一款用于Linux内核的一种虚拟化技术，允许同时运行多个操作系统。 Xen's PyGrub，当grub.conf以密码保护配置的情况下，在主机启动阶段没有检查密码，可物理接触主机的攻击者，可以利用这个缺陷更改OS启动配置。 XenSource Xen 3.3.1 XenSource Xen 3.3 XenSource Xen 3.0.3 厂商解决方案 用户可参考如下安全公告获得补丁信息： https://bugzilla.redhat.com/showbug.cgi?id=525740...