168 matches found
Auerswald COMpact 8.0B - Multiple Backdoors Vulnerability
Exploit Title: Auerswald COMpact 8.0B - Multiple Backdoors Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to...
Auerswald COMpact 8.0B - Privilege Escalation Vulnerability
Exploit Title: Auerswald COMpact 8.0B - Privilege Escalation Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged...
Auerswald COMpact 8.0B Backdoors
Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Details =======...
Auerswald COMpact 8.0B Arbitrary File Disclosure
Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Details ======= Product:...
Auerswald COMfortel 2.8F - Authentication Bypass
Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...
Auerswald COMpact 8.0B - Arbitrary File Disclosure
Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX...
Auerswald COMpact 8.0B - Arbitrary File Disclosure Vulnerability
Exploit Title: Auerswald COMpact 8.0B - Arbitrary File Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Arbitrary File Disclosure RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users...
Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass
Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in...
myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)
Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...
Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)
Exploit Title: Altova MobileTogether Server 7.3 - XML External Entity Injection XXE Date: 2021-08-10 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.altova.com/mobiletogether-server Version: 7.3 CVE: 2021-37425 Advisory: XML External Entity Expansion in MobileTogether Server...
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Vulnerability
Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...
BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery
Advisory: Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system which allows participants of a conference with permissions to upload presentations to read arbitrary files from the file...
FRITZ!Box 7.20 DNS Rebinding Protection Bypass
Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box router devices which allows to resolve DNS answers that point to IP addresses in the private local network, despite the DNS rebinding protection mechanism. Details ======= Product:...
D-Link DSR-250N 3.12 - Denial of Service (PoC)
Exploit Title: D-Link DSR-250N 3.12 - Denial of Service PoC Google Dork: N/A Author: RedTeam Pentesting GmbH Date: 2020-10-03 Exploit Author: Kiko Andreu kikoas1995 & Daniel Monzón stark0de Vendor Homepage: https://www.dlink.com Software Link:...
WatchGuard Fireware AD Helper 5.8.5.10317 Credential Disclosure
Exploit: WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Author: RedTeam Pentesting GmbH Date: 2020-03-11 Vendor: https://www.watchguard.com Software link: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/tdr/tdradhelperc.html CVE:...
IceWarp 12.2.0 / 12.1.x Cross Site Scripting
Advisory: IceWarp: Cross-Site Scripting in Notes During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to cross-site scripting attacks in notes for objects. If attackers with access to the IceWarp system provide a manipulated object that is displayed by...
IceWarp 12.2.0 / 12.1.x Cross Site Scripting
Advisory: IceWarp: Cross-Site Scripting in Notes for Contacts During a penetration test, RedTeam Pentesting discovered that the IceWarp WebMail Server is prone to user-assisted cross-site scripting attacks in its contact module. If IceWarp users import a manipulated vcard, for example from an...
Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Cisco Expressway Gateway 11.5.1 Directory Traversal Vulnerability Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed Versions: See Cisco Bug ID CSCvo47769 1 Vulnerability Type: Directory...
Cisco Expressway Gateway 11.5.1 Directory Traversal
Advisory: Directory Traversal in Cisco Expressway Gateway RedTeam Pentesting discovered a directory traversal vulnerability in Cisco Expressway which enables access to administrative web interfaces. Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed...
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cisco RV320 and RV325 Unauthenticated Remote Code Execution", 'Description' = %q This exploit module combines an information disclosure...