exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from Emanuel Duss

Email addressemanuel.duss at compass-security.com
First Active2019-01-17
Last Active2022-03-21
3CX Phone System Cleartext Passwords
Posted Mar 21, 2022
Authored by Emanuel Duss

The 3CX Phone System stores password in the clear as well as makes them exportable in the administration interface.

tags | advisory
advisories | CVE-2021-45491
SHA-256 | 2c1705c4372ab218a33192a0a6965c618979430b30d44e4c74099369db74b516
3CX Client Missing TLS Validation
Posted Mar 21, 2022
Authored by Emanuel Duss

The 3CX Client for Windows (legacy), Android, and iOS fails to properly validate TLS certificates.

tags | advisory
systems | windows, ios
advisories | CVE-2021-45490
SHA-256 | 074017ebf0abca4d37a8b67b240f167c0bec4bbfda44f67fe65cc2c9c71455a1
Ionic Identity Vault 5.0.4 PIN Unlock Lockout Bypass
Posted Nov 22, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 5.0.4 and below suffer from a PIN unlock lockout bypass vulnerability on both Android and iOS.

tags | exploit, bypass
systems | ios
advisories | CVE-2021-44033
SHA-256 | 6d043256140f16431c0ba31a27b2ed7b96bda2ffd3eebc36d63d48a045405df3
OpenVPN Monitor 1.1.3 Cross Site Request Forgery
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.

tags | exploit, arbitrary, csrf
advisories | CVE-2021-31604
SHA-256 | 1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25d
OpenVPN Monitor 1.1.3 Command Injection
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket.

tags | exploit, arbitrary
advisories | CVE-2021-31605
SHA-256 | 4aac8e5a6173c4bf869dd5a55f56e9c252331247d5ba381aa933566cb18beba6
OpenVPN Monitor 1.1.3 Authorization Bypass / Denial Of Service
Posted Sep 24, 2021
Authored by Sylvain Heiniger, Emanuel Duss

OpenVPN Monitor versions 1.1.3 and below suffer from an authorization bypass vulnerability that allows an attacker to disconnect arbitrary clients, even if the disconnect feature is disabled.

tags | exploit, arbitrary, bypass
advisories | CVE-2021-31606
SHA-256 | 44443d6d17ea4c88ab04491310bc5cbff119d5c6333513c5f92e9d957fcdc127
Ionic Identity Vault 4.7 Android Biometric Authentication Bypass
Posted Sep 8, 2021
Authored by Emanuel Duss

Ionic Identity Vault versions 4.7 and below suffer from a biometric authentication bypass vulnerability on Android.

tags | exploit, bypass
advisories | CVE-2021-3145
SHA-256 | 0937a4fec4ba4da6536fb54a86bc96cbee6f829e34003327e23d35d71714b309
Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting
Posted Jul 3, 2020
Authored by Emanuel Duss

Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19935
SHA-256 | bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171d
Siemens SICAM A8000 Series Denial Of Service
Posted Jan 17, 2019
Authored by Nicolas Heiniger, Emanuel Duss

Siemens SICAM A8000 Series suffers from an XML injection denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-13798
SHA-256 | 354a63d78ac4b5ab320b994b6c1ce672f98e673e216b330282677992fd04dbd8
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close