what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from HeadlessZeke

Linksys WVBR0-25 User-Agent Command Execution

Posted Jan 4, 2018

Authored by HeadlessZeke | Site metasploit.com

The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.

tags | exploit, web

advisories | CVE-2017-17411

SHA-256 | 60407736f7e1de1519b05fc55add0932a67fcd3d6570595d9a8476a3162c5651

Download | Favorite | View

Arris VAP2500 tools_command.php Command Execution

Posted Jan 22, 2015

Authored by HeadlessZeke | Site metasploit.com

Arris VAP2500 access points are vulnerable to OS command injection in the web management portal via the tools_command.php page. Though authentication is required to access this page, it is trivially bypassed by setting the value of a cookie to an md5 hash of a valid username.

tags | exploit, web, php

advisories | CVE-2014-8423, CVE-2014-8424

SHA-256 | a3a633df95163ac8abfd1b19d769fa3b73f2a1713b3feb2b4d0ff3be073861e7

Download | Favorite | View