psv-hildesheim.de Improper Access Control vulnerability OBB-3820178

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

karate-psv-hattingen.de Cross Site Scripting vulnerability OBB-3722790

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

NETGEAR WNR2000 RCE (PSV-2016-0261)

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. This vulnerability can only be exploited when an...

Netgear DGN2200v1 - Remote Command Execution (Unauthenticated) Exploit

Exploit Title: Netgear DGN2200v1 - Remote Command Execution RCE Unauthenticated Exploit Author: SivertPL Vendor Homepage: https://www.netgear.com/ Version: All prior to v1.0.0.60 !/usr/bin/python """ NETGEAR DGN2200v1 Unauthenticated Remote Command Execution Author: SivertPL email protected Date:...

CVE-2020-35785

NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365...

Authentication flaw

NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authentication aka PSV-2020-0363, PSV-2020-0364, and PSV-2020-0365...

CVE-2020-35785

NETGEAR DGN2200v1 devices with firmware versions prior to 1.0.0.60 are affected by an HTTPd authentication mishandling vulnerability (CVE-2020-35785). The issue enables unauthenticated or weakly authenticated access that could allow a remote attacker to exploit the HTTPd service. Public sources i...

psv-linz.at XSS vulnerability

Open Bug Bounty ID: OBB-658841 Description| Value ---|--- Affected Website:| psv-linz.at Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Other Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Starbucks: Multiple Subdomain takeovers via unclaimed instances

Hacker @benoculars was able to successfully faciliate multiple subdomain takeovers by taking advantage of a process flow to use some of the space provided for germany.openapi.starbucks.com, psv.openapi.starbucks.com, stage-psv.openapi.starbucks.com, and test-psv.openapi.starbucks.com. While we we...

CVE-2017-6862

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261...

Remote code execution

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261...

CVE-2017-6862

NETGEAR WNR2000v3 devices before 1.1.2.14, WNR2000v4 devices before 1.0.0.66, and WNR2000v5 devices before 1.0.0.42 allow authentication bypass and remote code execution via a buffer overflow that uses a parameter in the administration webapp. The NETGEAR ID is PSV-2016-0261...

CVE-2017-6862

Netgear WNR2000 series (WNR2000v3 prior to 1.1.2.14, WNR2000v4 prior to 1.0.0.66, WNR2000v5 prior to 1.0.0.42) are affected by a buffer-overflow vulnerability in the administration web interface that allows authentication bypass and remote code execution. The root cause is a buffer overflow trigg...