Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection

Exploit Title: Osprey Pump Controller 1.0.1 - eventFileSelected Command Injection Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021...

Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure

Exploit Title: Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirag...

Osprey Pump Controller 1.0.1 eventFileSelected Command Injection Vulnerability

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts. Ospr...

Osprey Pump Controller 1.0.1 pseudonym Command Injection Vulnerability

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pseudonym HTTP POST parameter called by index.php script. Osprey Pump Controller 1.0.1 pseudonym Semi-blind...

Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit

!/usr/bin/env python Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App:...

Osprey Pump Controller 1.0.1 userName Command Injection Vulnerability

Osprey Pump Controller 1.0.1 userName Blind Command Injection Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage App: MirageAppManager, Release 1.0.1 Mira...

Osprey Pump Controller 1.0.1 Predictable Session Token / Session Hijack

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSS

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

Osprey Pump Controller 1.0.1 (userName) Blind Command Injection

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

Osprey Pump Controller 1.0.1 (eventFileSelected) Command Injection

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

Raspberry Pi OS / Raspbian Default Credentials (SSH)

The remote Raspberry Pi OS / Raspbian system is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Home Assistant Community Store 1.10.0 Path Traversal

Exploit Title: Home Assistant Community Store HACS 1.10.0 - Path Traversal to Account Takeover Date: 2021-01-28 Exploit Author: Lyghtnox Vendor Homepage: https://www.home-assistant.io/ Software Link: https://github.com/hacs/integration Version: 1.10.0 Tested on: Raspbian + Home Assistant 2021.1.0...

raspbian-wifi-node-js (>=1.0.0 <=1.0.3), raspbian-wifi-node-jsgit (=1.0.1) potentially affected by unknown CVE via node-wifi (=1.2.5)

node-wifi NPM version =1.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on node-wifi and may be impacted: - raspbian-wifi-node-js =1.0.0, =1.0.3 - raspbian-wifi-node-jsgit =1.0.1 Source cves: unknown CVE Source advisory: OSV:GHSA-4X6X-782Q-JFC4...

Linux/ARM - execve /bin/dash Shellcode (32 bytes)

Title: Linux/ARM - execve /bin/dash Shellcode 32 bytes Category: Shellcode Tested: armv7l 32-bitRaspberry Pi 2 Model B OS: Raspbian Buster Lite Author: Anurag Srivastava Description: execve shellcode / Objdump pi@raspberrypi:/hex $ objdump -d ed1 ed1: file format elf32-littlearm Disassembly of...

Thrive Smart Home 1.1 - Authentication Bypass

Thrive Smart Home 1.1 - Authentication Bypass Exploit: Thrive Smart Home 1.1 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Thrive Product web page: http://www.thrivesmarthomes.com Affected version: 1.1 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID:...

Thrive Smart Home 1.1 - Authentication Bypass

Exploit: Thrive Smart Home 1.1 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Thrive Product web page: http://www.thrivesmarthomes.com Affected version: 1.1 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5554 Advisory URL:...

Linux/ARM - Fork Bomb Shellcode (20 bytes)

Title: Linux/ARM - Fork Bomb Shellcode 20 bytes Category: Shellcode Tested: armv7l 32-bitRaspberry Pi 2 Model B OS: Raspbian Buster Lite Author: CJHackerz Description: This shellcode creates new processes in infinite loop to exhaust CPU resources leading to crash / Compilation instruction...

Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go

Vulnerability scanner for Linux/FreeBSD, agentless, written in golang. Twitter: @vulsen DEMO Abstract For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for...

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)

/ Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...