Victure RX1800 WiFi 6 安全漏洞

The Victure RX1800 WiFi 6 is a wireless router from Victure. A security vulnerability exists in the Victure RX1800 WiFi 6 that stems from the TELNET service being enabled and exposed over the LAN. The root account can be accessed without a password, allowing an attacker to remotely take full...

Directory traversal

A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal...

CVE-2017-2627

A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. The sudoers file as installed with OSP's openstack-tripleo-common package is much too permissive. It contains several lines for the mistral user that have wildcards that allow directory traversal...

Linux/x86 - Add Root User (w000t) + No Password Shellcode (177 bytes)

Linux x86 shellcode that uses execve and echo to create a passwordless root account. Author: zillion Email : email protected Homepage: safemode.org File: w000t-shell.c / This shellcode will add a passwordless local root account 'w000t' Written by email protected Why so big ? it uses execve ;- /...

Seagate Central Remote Root Exploit

Seagate Central by default has a passwordless root account and no option to change it. This exploit logs into the ftp server and uploads a php shell to the webroot. From there, the uploaded shell can execute commands with root privileges as lighttpd. !/usr/bin/python seagateftpremoteroot.py Seaga...

Seagate Central 2014.0410.0026-F - Remote Facebook Access Token

!/usr/bin/python seagatecentralfacebook.py Seagate Central Remote Facebook Access Token Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central stores linked Facebook account access tokens in /etc/archiveaccounts.ser and this exploit takes advantage of two bugs: 1 Passwordless...

Seagate Central 2014.0410.0026-F - Remote Command Execution

Seagate Central 2014.0410.0026-F - Remote Command Execution !/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this...