Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919-POC Read about it - https://nvd.nist.gov/...

Exploit for Code Injection in Crushftp

CVE-2024-4040 SSTI & LFI PoC - Exploitation | CrushFTP This...

SolarView Compact 6.00 - Command Injection Exploit

Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: email protected - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...

Honeywell PM43 Remote Code Execution

Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)

Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution Exploit

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: email protected - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import requests...

JetBrains TeamCity 2023.05.3 - Remote Code Execution Exploit

Exploit Title: JetBrains TeamCity 2023.05.3 - Remote Code Execution RCE - Shodan Dork: http.title:TeamCity , http.favicon.hash:-1944119648 - Exploit Author: ByteHunter - Vendor: JetBrains - Email: email protected - vendor: JetBrains - Version: versions before 2023.05.4 - Tested on: 2023.05.3 -...

Viessmann Vitogate 300 2.1.3.0 Remote Code Execution

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

Honeywell PM43 < P10.19.050004 - Remote Code Execution Exploit

Exploit Title: Honeywell PM43 ' if htmlstartindex != -1: return responsetext:htmlstartindex else: return responsetext except requests.exceptions.RequestException as e: return f"Error: e" def main: parser = argparse.ArgumentParserdescription='Command Injection PoC for Honeywell PM43 Printers'...

SolarView Compact 6.00 - Command Injection

Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: [email protected] - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...

Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ This exploit...

Smart Office Web 20.28 Information Disclosure / Insecure Direct Object Reference

Exploit Title: Smart Office Web 20.28 - Remote Information Disclosure Unauthenticated Shodan Dork:: inurl:"https://www.shodan.io/search?query=smart+office" Date: 09/Dec/2022 Exploit Author: Tejas Nitin Pingulkar https://cvewalkthrough.com/ Vendor Homepage: https://smartofficepayroll.com/ Software...

Exploit for Cleartext Storage of Sensitive Information in Assmann Ht-Ip211Hdp_Firmware

CVE-2023-30146 - Assmann/HooToo Webcam Exploit - Sensitive Dat...

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

Sophos Web Appliance 4.3.10.4 - Pre-auth command injection

!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Exploit

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

Exploit for OS Command Injection in Netgate Pfblockerng

pfBlockerNG T...