Lucene search
+L

168 matches found

0day.today
0day.today
added 2021/12/06 12:0 a.m.411 views

Auerswald COMpact 8.0B - Multiple Backdoors Vulnerability

Exploit Title: Auerswald COMpact 8.0B - Multiple Backdoors Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to...

9.8CVSS0.7AI score0.71979EPSS
Exploits6
0day.today
0day.today
added 2021/12/06 12:0 a.m.371 views

Auerswald COMpact 8.0B - Privilege Escalation Vulnerability

Exploit Title: Auerswald COMpact 8.0B - Privilege Escalation Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged...

8.8CVSS1.8AI score0.02028EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.432 views

Auerswald COMpact 8.0B Backdoors

Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Details =======...

0.5AI score0.71979EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.407 views

Auerswald COMpact 8.0B Arbitrary File Disclosure

Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...

0.6AI score0.02394EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.506 views

Auerswald COMfortel 2.8F - Authentication Bypass

Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...

7.5CVSS7.6AI score0.5106EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/12/06 12:0 a.m.449 views

Auerswald COMpact 8.0B - Arbitrary File Disclosure

Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX...

6.8CVSS5.2AI score0.02394EPSS
Exploits4
0day.today
0day.today
added 2021/12/06 12:0 a.m.363 views

Auerswald COMpact 8.0B - Arbitrary File Disclosure Vulnerability

Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users...

4.9CVSS5.7AI score0.02394EPSS
Exploits4
Packet Storm
Packet Storm
added 2021/12/06 12:0 a.m.468 views

Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass

Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in...

0.3AI score0.5106EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/10/19 12:0 a.m.607 views

myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)

Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...

6.1CVSS6.3AI score0.05832EPSS
Exploits4
Exploit DB
Exploit DB
added 2021/08/12 12:0 a.m.549 views

Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)

Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Date: 2021-08-10 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server...

9.1CVSS8.6AI score0.66278EPSS
Exploits4
0day.today
0day.today
added 2020/12/18 12:0 a.m.52 views

FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Vulnerability

Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...

7.8CVSS0.1AI score0.01402EPSS
Exploits4
Packet Storm
Packet Storm
added 2020/10/21 12:0 a.m.819 views

BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery

Advisory: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system which allows participants of a conference with permissions to upload presentations to read arbitrary files from the file...

5CVSS0.3AI score0.78683EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/10/19 12:0 a.m.660 views

FRITZ!Box 7.20 DNS Rebinding Protection Bypass

Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box router devices which allows to resolve DNS answers that point to IP addresses in the private local network, despite the DNS rebinding protection mechanism. Details ======= Product:...

0.2AI score0.01402EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/10/08 12:0 a.m.710 views

D-Link DSR-250N 3.12 - Denial of Service (PoC)

Exploit Title: D-Link DSR-250N 3.12 - Denial of Service PoC Google Dork: N/A Author: RedTeam Pentesting GmbH Date: 2020-10-03 Exploit Author: Kiko Andreu kikoas1995 & Daniel Monzón stark0de Vendor Homepage: https://www.dlink.com Software Link:...

5.5CVSS5.5AI score0.17176EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/03/12 12:0 a.m.129 views

WatchGuard Fireware AD Helper 5.8.5.10317 Credential Disclosure

Exploit: WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Author: RedTeam Pentesting GmbH Date: 2020-03-11 Vendor: https://www.watchguard.com Software link: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/tdr/tdradhelperc.html CVE:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/03 12:0 a.m.189 views

IceWarp 12.2.0 / 12.1.x Cross Site Scripting

Advisory: IceWarp: Cross-Site Scripting in Notes During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to cross-site scripting attacks in notes for objects. If attackers with access to the IceWarp system provide a manipulated object that is displayed by...

5.6AI score0.00602EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/01/02 12:0 a.m.209 views

IceWarp 12.2.0 / 12.1.x Cross Site Scripting

Advisory: IceWarp: Cross-Site Scripting in Notes for Contacts During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to user-assisted cross-site scripting attacks in its contact module. If IceWarp users import a manipulated vcard, for example from an...

6.4AI score0.00866EPSS
Exploits2
0day.today
0day.today
added 2019/05/21 12:0 a.m.279 views

Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability

Exploit for hardware platform in category web applications Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed Versions: See Cisco Bug ID CSCvo47769 1 Vulnerability Type: Directory...

4CVSS0.5AI score0.03818EPSS
Exploits2
Packet Storm
Packet Storm
added 2019/05/17 12:0 a.m.269 views

Cisco Expressway Gateway 11.5.1 Directory Traversal

Advisory: Directory Traversal in Cisco Expressway Gateway RedTeam Pentesting discovered a directory traversal vulnerability in Cisco Expressway which enables access to administrative web interfaces. Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed...

4CVSS0.4AI score0.03818EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/04/03 12:0 a.m.235 views

Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...

7.1AI score
Exploits0
Rows per page
Query Builder