9 matches found
EUVD-2018-3938
Malware in sbrugna...
Netgear R6700v3 Unauthenticated LAN Admin Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R6700v3 Unauthenticated LAN Admin Password Reset', 'Description' = %q This module targets ZDI-20-704 aka CVE-2020-10924, a buffer overflo...
Update now! Netgear vulnerability patched
Netgear has released a fix for a vulnerability on several of their product models. The affected product models include extenders, routers, air cards, and modems. The vulnerability was discovered by researchers at GRIMM, but prior to the planned disclosure date, Netgear released a patch that fixed...
NETGEAR R6700v3 Password Reset / Remote Code Execution Exploit
This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon /usr/sbin/upnpd, running on NETGEAR R6700v3 router with firmware versions V1.0.4.8210.0.57...
NETGEAR R6700v3 Password Reset / Remote Code Execution
tokyodrift ======= Summary This document describes a stack overflow vulnerability that was found by Pedro Ribeiro @pedrib1337 and Radek Domanski @RabbitPro in October 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the...
NETGEAR WNDR3400v3 Stack Buffer Overflow Vulnerability
The NETGEAR WNDR3400v3 is a wireless router from NETGEAR. A buffer overflow vulnerability exists in the upnpd binary in the NETGEAR WNDR3400v3 using firmware version 1.0.1.181.0.63. The vulnerability originates when a network system or product performs an operation on memory without properly...
MiniUPnP MiniUPnPd code issue vulnerability (CNVD-2019-14713)
MiniSSDPd is a daemon for managing SSDP on POSIX systems. A code issue vulnerability exists in the GetOutboundPinholeTimeout function of the upnpsoap.c file, as used for remport, in MiniUPnP MiniUPnPd 2.1 and earlier versions. The vulnerability stems from an improperly designed or implemented code...
CVE-2018-11946
The CVE-2018-11946 entry concerns CAF-derived Android/Linux builds (Android for MSM, Firefox OS for MSM, QRD Android). The vulnerability is that the UPnP daemon may be running out of the box, enabling port forwarding without authentication. Documented impacts indicate potential exposure due to un...
CVE-2013-0230
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method...