what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 99 RSS Feed

Files

ASUS RT-N66U Directory Traversal
Posted Jun 24, 2013
Authored by Kyle Lovett

ASUS RT-N66U when HTTPS WebService via AiCloud is enabled suffers from a remote directory traversal vulnerability.

tags | exploit, remote, web, file inclusion
SHA-256 | 49327cffa6d3c90aec45f8ddba02a4c2918c77baa0ce204bd262799e2497c4bb

Related Files

ASUS Control Center Express 01.06.15 Unquoted Service Path
Posted Apr 2, 2024
Authored by Alaa Kachouh

ASUS Control Center Express version 01.06.15 suffers from an unquoted service path vulnerability.

tags | exploit
advisories | CVE-2024-27673
SHA-256 | 46266851a73ecc2b82bae221982b47e9b0424f7ba04367b4b5248bec99f9f696
Ubuntu Security Notice USN-6604-2
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6604-2 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1079, CVE-2023-20588, CVE-2023-45863, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | 87adb9a0dd630857bb46668b561ed587d03265f1d69126841b1f12420169e7bc
Ubuntu Security Notice USN-6604-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6604-1 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1079, CVE-2023-20588, CVE-2023-45863, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | d17c6353365258970841d80fc94ccc64beed6a1122b15a1bc1be29121160ed39
ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root
Posted Feb 27, 2023
Authored by d1g

ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote code execution as root. The researchers also discovered a hardcoded administrative account.

tags | exploit, remote, arbitrary, root, code execution
advisories | CVE-2023-26602
SHA-256 | a23c3b2021225bfb676a55bbdeafbcf1689dc045c5b50ecbfacebfc7ffe2014b
Asus GameSDK 1.0.0.4 Unquoted Service Path
Posted Jul 19, 2022
Authored by Angelo Pio Amirante

Asus GameSDK version 1.0.0.4 suffers from an unquoted service path vulnerability in GameSDK.exe.

tags | exploit
advisories | CVE-2022-35899
SHA-256 | cd88ac76d033405e5a3e34567ef8fd43237dddbf5f9d43a3e92a2f447d70a461
ASUS DisplayWidget Software 3.4.0.036 Unquoted Service Path
Posted Jun 22, 2021
Authored by Julio Avina

ASUS DisplayWidget Software version 3.4.0.036 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 135ba30154d912ebba59d90f64e69e8603c68e4fe97a3c97544d7e7cd1e8da2f
ASUS HID Access Service 1.0.94.0 Unquoted Service Path
Posted May 19, 2021
Authored by Alejandra Sanchez

ASUS HID Access Service version 1.0.94.0 suffers an unquoted service path vulnerability.

tags | exploit
SHA-256 | f05bc9ffd05cfedd3ae06f5f98a66619ed1338b9ba76c1c304607eede76ba1f1
ASUS Remote Link 1.1.2.13 Remote Code Execution
Posted Feb 25, 2021
Authored by H4rk3nz0

ASUS Remote Link version 1.1.2.13 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 1a5ce5f0862db47d2e5496fc7bc55a8224b182341334fc196f04fe6b19a14c3b
ASUS TM-AC1900 Arbitrary Command Execution
Posted Nov 13, 2020
Authored by b1ack0wl | Site metasploit.com

This Metasploit module exploits a code execution vulnerability within the ASUS TM-AC1900 router as an authenticated user. The vulnerability is due to a failure filter out percent encoded newline characters within the HTTP argument SystemCmd when invoking /apply.cgi which bypasses the patch for CVE-2018-9285.

tags | exploit, web, cgi, code execution
advisories | CVE-2018-9285
SHA-256 | ffe065bd21f5291ffd2dce01466f14f19a9e8833bf6d4dc92c47a3e0d3858343
ASUS Aura Sync 1.07.71 Privilege Escalation
Posted Jun 25, 2020
Authored by Connor McGarr, dhn | Site github.com

ASUS Aura Sync version 1.07.71 ene.sys privilege escalation kernel exploit.

tags | exploit, kernel
advisories | CVE-2019-17603
SHA-256 | e7ab712703b5aec8283763947cace886385e933263c2aec57c840e86c46387e6
ASUS AAHM 1.00.22 Unquoted Service Path
Posted Mar 12, 2020
Authored by Roberto Pina

ASUS AAHM version 1.00.22 suffers from an asHmComSvc unquoted service path vulnerability.

tags | exploit
SHA-256 | 7061a92b5d851ade994bca58f7bebc8788b9504cb2b12282bffdd7251c45a92c
ASUS AXSP 1.02.00 Unquoted Service Path
Posted Mar 11, 2020
Authored by Roberto Pina

ASUS AXSP version 1.02.00 suffers from an asComSvc unquoted service path vulnerability.

tags | exploit
SHA-256 | d6ff93ad584a3de21fd268257258b5f490e76ad00f19eaff8a596e4cadbf2152
ASUS GiftBox Desktop 1.1.1.127 Unquoted Service Path
Posted Mar 6, 2020
Authored by Oscar Flores

ASUS GiftBox Desktop version 1.1.1.127 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | aa757794fb7ccb8f8d65d62327cceb9fc1444a24d563bd648154d437114f227b
Unexplored Warfare Of 21st Century
Posted Feb 17, 2020
Authored by Monika Arora, Esha Chadha, Kartik Verma

Whitepaper called Unexplored Warfare of 21st Century. It analyzes Pegasus and Chrysaor.

tags | paper
SHA-256 | e7d7909cb7bb252df19aced5eb6143c5db61f1fad5acddea836c89cdf5458f6c
ASUS HM Com Service 1.00.31 Unquoted Service Path
Posted Nov 17, 2019
Authored by Olimpia Saucedo

ASUS HM Com Service version 1.00.31 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | e4a2db26429569fb959f0dca08cbe6ed4dcc0c2f8131fcd8633d5ae5e7b7abf7
ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution
Posted Oct 14, 2019
Authored by Matheus Vrech

ASUS RT-N10+ with firmware version 2.0.3.4 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist with achieving command execution.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 180bc134d00505aeee98979c9045c6ba75f0c0fb8e0cbf15853e5e72014cac0b
Asus Precision TouchPad 11.0.0.25 Denial Of Service / Privilege Escalation
Posted Aug 30, 2019
Authored by Athanasios Tserpelis

Asus Precision TouchPad version 11.0.0.25 suffers from denial of service and privilege escalation via pool overflow vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
advisories | CVE-2019-10709
SHA-256 | 781fa5fb4c090fbf82b363a4a66c005d97b1e04a7867c3bca917aeebee30c6fa
ASUS HG100 Denial Of Service
Posted Apr 17, 2019
Authored by Yint Wang

ASUS HG100 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-11492
SHA-256 | 118b077cce2f6f305f8ed7084fa284e217f384e8566233b52b812c3044df38bf
Pegasus CMS 1.0 Remote Code Execution
Posted Mar 14, 2019
Authored by R3zk0n

Pegasus CMS version 1.0 suffers from a code execution vulnerability in extra_fields.php.

tags | exploit, php, code execution
SHA-256 | 5654dd898fdbd2a74dc6a9899cffa43e0777a04f300fc3a71db69c3c27e51af4
ASUS Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.

tags | exploit, local, vulnerability
advisories | CVE-2018-18535, CVE-2018-18536, CVE-2018-18537
SHA-256 | 255511782c79945ab6f218abd699801864552a7945b1791b84b548a8c0971a6a
ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection
Posted Aug 14, 2018
Authored by Kyle Lovett

ASUSTOR NAS ADM version 3.1.0 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2018-11509, CVE-2018-11510, CVE-2018-11511
SHA-256 | 1644681fa9ff008830ac7ddad2b94c3263d391b10d2e6962b1b9eaf1341a36be
ASUS DSL-N12E_C1 1.1.2.3_345 Remote Command Execution
Posted Aug 2, 2018
Authored by Fakhri Zulkifli

ASUS DSL-N12E_C1 version 1.1.2.3_345 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 4091ebc65733876d21ca6215fd2aebb322cee246abdd11ff7f6b8a5f4963158c
ASUS WRT-AC66U 3.x Cross Site Scripting
Posted Jul 11, 2018
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

ASUS WRT-AC66U version 3.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 25f38421dce8448e1973b878362b6084ab7cef4bc97261b008c67a51d03ebb73
AsusWRT RT-AC750GF Cross Site Request Forgery
Posted Jun 25, 2018
Authored by Wadeek

AsusWRT RT-AC750GF suffers from a cross site request forgery vulnerability in the change admin password flow.

tags | exploit, csrf
SHA-256 | 363560f7c28221e14f216c3e9133cd294040a8d4e3874784d921d8085a9c6803
ASUSTOR ADM 3.1.0.RFQ3 Chained Remote Code Execution
Posted May 2, 2018
Authored by Matthew F

ASUSTOR ADM versions 3.1.0.RFQ3 and below chained exploit that leverages stored cross site scripting, cross site request forgery, path traversal, and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file upload, csrf
SHA-256 | fde4398e7091167691978b80ba156992eb0178ba24e6cfc20e75f8e0b0d810b8
Page 1 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close