28 matches found
Exploit for Incorrect Authorization in Pydio Cells
PoC for CVE-2023-32749 This is a quick and dirty PoC I wrote...
ZKTeco ZEM/ZMM 8.88 - Missing Authentication Vulnerability
Exploit Title: ZKTeco ZEM/ZMM 8.88 - Missing Authentication Exploit Author: RedTeam Pentesting GmbH CVE: CVE-2022-42953 Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the databas...
ZKTeco ZEM/ZMM 8.88 - Missing Authentication
Exploit Title: ZKTeco ZEM/ZMM 8.88 - Missing Authentication Exploit Author: RedTeam Pentesting GmbH CVE: CVE-2022-42953 Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the databas...
Creston Web Interface 1.0.0.2159 - Credential Disclosure Vulnerability
Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...
Two backdoors detected in Auerswald VoIP ystem
By Deeba Ahmed The backdoors were detected during penetration testing by RedTeam Pentesting GmbH. This is a post from HackRead.com Read the original post: Two backdoors detected in Auerswald VoIP ystem...
Auerswald COMfortel 2.8F - Authentication Bypass Vulnerability
Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface o...
myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)
Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Date: 2021-08-10 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server...
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Vulnerability
Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...
Cisco RV320 / RV325 Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...
Cisco RV320 and RV325 Unauthenticated Remote Code Execution
This exploit module combines an information disclosure CVE-2019-1653 and a command injection vulnerability CVE-2019-1652 together to gain unauthenticated remote code execution on Cisco RV320 and RV325 small business routers. Can be exploited via the WAN interface of the router. Either via HTTPS o...
Critical Code Execution Flaw Found in CyberArk Enterprise Password Vault
A critical remote code execution vulnerability has been discovered in CyberArk Enterprise Password Vault application that could allow an attacker to gain unauthorized access to the system with the privileges of the web application. Enterprise password manager EPV solutions help organizations...
CVE-2015-8124: Session Fixation in the "Remember Me" Login Feature
Affected Versions Symfony 2.3.0 to 2.3.34, 2.6.0 - 2.6.11, 2.7.0 - 2.7.6 versions of the Security component are affected by this security issue. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are provided for Symfony 2.4 and 2.5 as they are not maintained...
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection
TYPO3 Extension Akronymmanager 0.5.0 - SQL Injection Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database. Details...
WoltLab Burning Board 4.0 Tapatalk Open Redirect
The Tapatalk Plugin com.tapatalk.wbb4 for WoltLab Burning Board 4.0 prior to version 1.1.2 allowed to redirect users to arbitrary URLs. This was possible by specifying the target URL in the URL parameter boardurl in URLs like the following:...
Exim sender_address Parameter - RCE Exploit
No description provided by source. !/usr/bin/env python Exim senderaddress Parameter - Remote Command Execution Exploit Vulnerability found by RedTeam Pentesting GmbH https://www.redteam-pentesting.de/en/advisories/rt-sa-2013-001/ Exploit written by eKKiM...
TLS Renegotiation Vulnerability PoC
No description provided by source. !/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------...
Exim sender_address Parameter - RCE Exploit
Exploit for linux platform in category remote exploits !/usr/bin/env python Exim senderaddress Parameter - Remote Command Execution Exploit Vulnerability found by RedTeam Pentesting GmbH https://www.redteam-pentesting.de/en/advisories/rt-sa-2013-001/ Exploit written by eKKiM...
Exim - sender_address Remote Code Execution
Exim - senderaddress Remote Code Execution !/usr/bin/env python Exim senderaddress Parameter - Remote Command Execution Exploit Vulnerability found by RedTeam Pentesting GmbH https://www.redteam-pentesting.de/en/advisories/rt-sa-2013-001/ Exploit written by eKKiM...