22 matches found
CVE-2022-27022
There is a stack overflow vulnerability in the SetSysTimeCfg function in the httpd service of Tenda AC9 V15.03.2.21cn. The attacker can obtain a stable root shell through a constructed payload...
PT-2024-27005 · Swissphone · Swissphone Dical-Red 4009
Name of the Vulnerable Software and Affected Versions: Swissphone DiCal-RED 4009 devices affected versions not specified Description: The issue allows a remote attacker to gain a root shell via TELNET without authentication. Recommendations: At the moment, there is no information about a newer...
CVE-2020-12519
On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges...
Command Execution Vulnerability in Arifang Technology 4G Module Performance King N720
Shenzhen Youfang Technology Co., Ltd. is an enterprise focusing on M2M IoT wireless communication products and services, providing industrial module products and related services in GPRS, CDMA 1X, WCDMA, EVDO, LTE and other communication standards. A command execution vulnerability exists in the ...
Unauthorized Access Vulnerability in Communication Module CLM920_NC5 of Shanghai Haige Information Technology Co.
Ltd. is engaged in the research, development, production and operation of 3G/3.75G/4G/NB communication module, which is a communication module company with a patch production factory. An unauthorized access vulnerability exists in communication module CLM920NC5 of Shanghai Haige Information...
Command Execution Vulnerability in China Telecom's Smart Gateway Management Platform
China Telecom Group Corporation is a large state-owned communications enterprise in China, a global partner of Shanghai World Expo, and one of the "World's Top 500 Enterprises" for many years in a row. It mainly operates integrated information services such as fixed-line telephony, mobile...
Synology Photostation 6.7.2-3429 - Remote Code Execution Exploit
Exploit for php platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Synology PhotoStation Multiple Vulnerabilities", 'Description' = %q This module exploits...
pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery
pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: pfSense 2.3.2 XSS - CSRF-bypass & Reverse-root-shell Date: 01/03/2017 Author: Yann CAM @ASafety / Synetis Vendor or Software Link: www.pfsense.org Version: 2.3.2 Category: XSS, CSRF-bypass and Remote root reverse-shell...
pfSense 2.3.2 - Cross-Site Scripting / Cross-Site Request Forgery
Exploit Title: pfSense 2.3.2 XSS - CSRF-bypass & Reverse-root-shell Date: 01/03/2017 Author: Yann CAM @ASafety / Synetis Vendor or Software Link: www.pfsense.org Version: 2.3.2 Category: XSS, CSRF-bypass and Remote root reverse-shell Access Google dork: Tested on: FreeBSD pfSense firewall/router...
ASUS-RT-AC66U-acsd-Param
TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy and Jacob Thompson Security Analsyts @ Independent Security Evaluators Software Vendorhttp://asus.com Exploit/Advisoryhttp://securityevaluators.com,...
HP Data Protector - Remote Root Shell (Linux Version)
No description provided by source. !/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link:http://www8.hp.com/us/en/software/software- product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on: HP-UX, Linux CVE:...
D-Link DSR Router Series - Remote Root Shell Exploit
No description provided by source. !/usr/bin/python CVEs: CVE-2013-5945 - Authentication Bypass by SQL-Injection CVE-2013-5946 - Privilege Escalation by Arbitrary Command Execution Vulnerable Routers: D-Link DSR-150 Firmware v1.08B44 D-Link DSR-150N Firmware v1.05B64 D-Link DSR-250 and DSR-250N...
ASUS RT-N56U - Remote Root Shell Buffer Overflow (ROP)
No description provided by source. !/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy -...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
ASUS RT-N56U Remote Root
!/usr/bin/env python from time import sleep from sys import exit import urllib2, signal, struct, base64, socket, ssl Title: ASUS RT-N56U Remote Root Shell Exploit - appsname Discovered and Reported: October 2013 Discovered/Exploited By: Jacob Holcomb/Gimppy - Security Analyst @ ISE Contact: Twitt...
ASUS RT-AC66U acsd Param - Remote Root Shell Exploit
Exploit for hardware platform in category remote exploits !/usr/bin/env python import signal, struct from time import sleep from socket import from sys import exit, excinfo TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited...
PCMan's FTP Server 2.0.7 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...
PCMan FTP Server 2.0.7 - Remote Buffer Overflow
PCMan FTP Server 2.0.7 - Remote Buffer Overflow !/usr/bin/env python import signal from time import sleep from socket import from sys import exit, excinfo TitlePCMan FTP Server v2.0.7 Remote Root Shell Exploit - USER Command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob...
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center
Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center Severity Rating: High Discovery Date: July 29, 2012 Vendor Notification: July 30, 2012 Disclosure Date: September 11, 2012 Vulnerability Type= Arbitrary file upload Impact= Loss of system integrity...