what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Johannes Kruchem

First Active2020-01-22
Last Active2023-11-28
Fortra Digital Guardian Agent Uninstaller Cross Site Scripting / UninstallKey Cached
Posted Nov 28, 2023
Authored by Johannes Kruchem, Daniel Hirschberger, Bernhard Grundling | Site sec-consult.com

The uninstaller in Fortra Digital Guardian Agent versions prior to 7.9.4 suffers from a cross site scripting vulnerability. Additionally, the Agent Uninstaller handles sensitive data insecurely and caches the Uninstall key in memory. This key can be used to stop or uninstall the application. This allows a locally authenticated attacker with administrative privileges to disable the application temporarily or even remove the application from the system completely.

tags | exploit, xss
advisories | CVE-2023-6253
SHA-256 | d393eda92218fb28d4719259401d1db3e0731edb5b930170f2f951494d02fbc7
Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection
Posted Jun 6, 2022
Authored by Johannes Kruchem | Site sec-consult.com

Poly Studio X30, Studio X50, Studio X70, and G7500 versions 3.4.0-292042, 3.5.0-344025, and 3.6.0 suffers from an authenticated command injection vulnerability.

tags | exploit
advisories | CVE-2022-26481
SHA-256 | 924a951f490c6e59775e62eb12780f10e62f6d7f2146393b9885a0aa17849cbd
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass
Posted Jun 6, 2022
Authored by Johannes Kruchem | Site sec-consult.com

Poly EagleEye Director II version 2.2.1.1 suffers from multiple authenticated remote command injection vulnerabilities as well as an authentication bypass vulnerability.

tags | exploit, remote, vulnerability, bypass
advisories | CVE-2022-26479, CVE-2022-26482
SHA-256 | 65f5c3af9c0467b68e4a064f7a3e889a40685745b50fa1cc3d5360a1e5ea20c4
Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
Posted May 13, 2022
Authored by W. Schober, Johannes Kruchem | Site sec-consult.com

Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.

tags | exploit, root, vulnerability
advisories | CVE-2022-29586, CVE-2022-29587, CVE-2022-29588
SHA-256 | 57e210f71bf42a3b11e36e7813fbbb82fccbd07555cd2d876285ea9c410da45c
Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation
Posted Apr 27, 2022
Authored by W. Schober, Johannes Kruchem | Site sec-consult.com

Miele Benchmark Programming Tool versions 1.1.49 and 1.2.71 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2022-22521
SHA-256 | d9c54518c9774d14210fa309ae32ce7bf54eac2d1ed82cd249dec9506f8662c7
Rittal Products Bypass / Command Injection / Privilege Escalation
Posted Jul 10, 2020
Authored by Johannes Kruchem, C. Svoboda | Site sec-consult.com

Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PDU (whole portfolio), LCP-CW, and IoT Interface 3124.300.

tags | exploit, vulnerability
advisories | CVE-2020-11951, CVE-2020-11952, CVE-2020-11953, CVE-2020-11955, CVE-2020-11956
SHA-256 | 9d5e13a39f03bb1911253ad043b021ed88fe002de985be551eb7fc9a7aafa105
ZOHO ManageEngine ServiceDeskPlus 11.0 Build 11007 Cross Site Scripting
Posted Jan 22, 2020
Authored by Johannes Kruchem | Site sec-consult.com

ZOHO ManageEngine ServiceDeskPlus versions 11.0 Build 11007 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-6843
SHA-256 | f632ef85f28ad70bb9342601a5f35a98d661dd706019e37f2cc899fa7c91121f
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close