CVE-2018-16217

The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...

FreeBSD rtld execl() Privilege Escalation

This module exploits a vulnerability in the FreeBSD run-time link-editor rtld. The rtld unsetenv function fails to remove LD environment variables if findenv fails. This can be abused to load arbitrary shared objects using LDPRELOAD, resulting in privileged code execution. This module has been...

Trigmap - A Wrapper For Nmap To Automate The Pentest

Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable easy to run not only on Kali Linux and very efficient thanks to the optimized Nmap algorithms. Detail...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1476)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerabili...

CVE-2019-11353

The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version...

CVE-2019-11353

The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version...

Input validation

The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version...

CVE-2019-11353

The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. This vulnerability is fixed in a later firmware version...

Cross site scripting

An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the...

CVE-2018-4065

An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the...

Blue Angel Software Suite Command Execution

Exploit Title: Blue Angel Software Suite - Authenticated Command Execution Google Dork: N/A Date: 02/05/2019 Exploit Author: Paolo Serracino Vendor Homepage: http://www.5vtechnologies.com Software Link: N/A Version: All Tested on: Embedded Linux OS CVE : N/A Description: Blue Angel Software Suite...

Blue Angel Software Suite - Command Execution Exploit

Exploit Title: Blue Angel Software Suite - Authenticated Command Execution Exploit Author: Paolo Serracino Vendor Homepage: http://www.5vtechnologies.com Software Link: N/A Version: All Tested on: Embedded Linux OS CVE : N/A Description: Blue Angel Software Suite, an application that runs on...

Blue Angel Software Suite - Command Execution

Blue Angel Software Suite - Command Execution Exploit Title: Blue Angel Software Suite - Authenticated Command Execution Google Dork: N/A Date: 02/05/2019 Exploit Author: Paolo Serracino Vendor Homepage: http://www.5vtechnologies.com Software Link: N/A Version: All Tested on: Embedded Linux OS CV...

Denial Of Service (DOS)

Linux kernel is vulnerable to denial of service DOS attacks. The vulnerability exists because the pingunhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe. Local attackers with access ...

Denial Of Service (DoS)

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which...

Ping Identity: Internal Hostname disclosure from multiple Apache servers via blank host header method

This vulnerability was due to a general misconfiguration of Apache servers; this is a good example of the importance of "Secure Defaults" in open-source projects. An example of a generic request and response would be: openssl sclient -connect apache.example.com:443 GET apache.example.com/foo...

LabF nfsAxe 3.7 Ping Client Buffer Overflow

!/usr/bin/python Exploit Title: LabF nfsAxe 3.7 Ping Client - Buffer Overflow Vanilla Date: 20-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.labf.com/nfsaxe Version: 3.7 Software Link : http://www.labf.com/download/nfsaxe.exe Contact: [email protected]...

CVE-2018-18489

The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service HTTP service termination by modifying the packet size to be higher than the UI limit of 1472...

CVE-2019-9974

diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...

CVE-2019-9974

diagtool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack...