LW-N605R 12.20.2.1486 - Remote Code Execution

Title: LW-N605R 12.20.2.1486 - Remote Code Execution Date: 2018-09-09 Author: Nassim Asrir Vendor: LINK-NET Product Link: http://linknet-usa.com/main/productinfo.php?productsid=35&language=es Firmware version: 12.20.2.1486 CVE: N/A Description: LW-N605R devices allow Remote Code Execution via she...

Visual Ping 0.8.0.0 Denial Of Service

Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service PoC Date: 2018-08-30 Exploit Author: Uriel Corral Salinas Vendor Homepage: http://www.itlights.com Software Link: http://www.scanwith.com/download/FreeVisualPing.htm Version: Free Visual Ping Version 0.8.0.0 Tested on: Windows 10 Pro x...

Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)

Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service PoC Date: 2018-08-30 Exploit Author: Uriel Corral Salinas Vendor Homepage: http://www.itlights.com Software Link: http://www.scanwith.com/download/FreeVisualPing.htm Version: Free Visual Ping Version 0.8.0.0 Tested on: Windows 10 Pro x...

Visual Ping 0.8.0.0 - Host Denial of Service (PoC)

Visual Ping 0.8.0.0 - Host Denial of Service PoC Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service PoC Date: 2018-08-30 Exploit Author: Uriel Corral Salinas Vendor Homepage: http://www.itlights.com Software Link: http://www.scanwith.com/download/FreeVisualPing.htm Version: Free Visual...

Visual Ping 0.8.0.0 - Host Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service PoC Exploit Author: Uriel Corral Salinas Vendor Homepage: http://www.itlights.com Software Link: http://www.scanwith.com/download/FreeVisualPing.htm Version: Free Visual Ping Version...

The Offensive Web Application Penetration Testing Framework: TIDoS

TIDoS Framework is a comprehensive web-app audit framework. TIDoS is made to be comprehensive and versatile. It is a highly flexible framework where you just have to select and use modules. But before that, you need to set your own API KEYS for various OSINT purposes. To do so, open up APIKEYS.py...

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

Crestron Multiple Products CTP Console PING Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PING command of the CTP console. The issue results from the lack...

Netgear WNDR4500 Information Disclosure Vulnerability

The Netgear WNDR4500 is a wireless router product from NetGear. An information disclosure vulnerability exists in the Netgear WNDR4500 using firmware version 1.0.1.401.0.6877. The vulnerability can be exploited by a remote attacker to gain unauthenticated access to the genieping.htm,...

CVE-2016-5638

There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.401.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genieping.htm or genieping2.htm or...

NETworkManager - A Powerful Tool For Managing Networks And Troubleshoot Network Problems

A powerful tool for managing networks and troubleshoot network problems! Features Network Interface - Information, Configure IP-Scanner Port-Scanner Ping Traceroute DNS Lookup Remote Desktop PuTTY SNMP - Get, Walk, Set v1, v2c, v3 Wake on LAN HTTP Headers Subnet Calculator - Calculator, Subnettin...

Remote Code Execution (RCE)

mcollective-client is vulnerable to remote code execution. This is due to the use of eval to evaluate comparison expressions in discovery filters, which allows an attacker to execute arbitrary code via the mco ping command...

CVE-2018-12577

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection...

Command injection

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection...

CVE-2018-12577

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection...

CVE-2018-12577

CVE-2018-12577 affects TP-Link TL-WR841N v13 devices (firmware 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n). The Ping and Traceroute features are susceptible to authenticated blind command injection due to unsanitized user input being incorporated into commands. An authenticated attacker can execu...

VMware NSX SD-WAN Edge 3.1.2 - Command Injection

VMware NSX SD-WAN Edge 3.1.2 - Command Injection !/usr/bin/env python Exploit Title: Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud Date: 2018-06-29 Exploit Author: paragonsec @ Critical Start Credit: Brian Sullivan from Tevora and Section 8 @ Critical Start...

TP-Link TL-WR841N V13 Command Injection Vulnerability

Exploit for hardware platform in category web applications Vulnerability: Authenticated Blind Command Injection Affected Software: TP-Link TL-WR841N v13 Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n Patched Version: None Overview The ping and traceroute functionalities allow for OS...

TP-Link TL-WR841N v13 Authentication Command Injection Vulnerability

The TP-Link TL-WR841N v13 is a wireless router device. An authentication command injection vulnerability exists in the TP-Link TL-WR841N v13 ping and traceroute functions. An authenticated attacker can execute arbitrary commands on the router by sending specific CREST HTTP requests to the router...