Showing 1 - 7 of 7

Files from Johannes Kruchem

First Active	2020-01-22
Last Active	2023-11-28

Fortra Digital Guardian Agent Uninstaller Cross Site Scripting / UninstallKey Cached: Posted Nov 28, 2023; Authored by Johannes Kruchem, Daniel Hirschberger, Bernhard Grundling | Site sec-consult.com; The uninstaller in Fortra Digital Guardian Agent versions prior to 7.9.4 suffers from a cross site scripting vulnerability. Additionally, the Agent Uninstaller handles sensitive data insecurely and caches the Uninstall key in memory. This key can be used to stop or uninstall the application. This allows a locally authenticated attacker with administrative privileges to disable the application temporarily or even remove the application from the system completely.; tags | exploit, xss; advisories | CVE-2023-6253; SHA-256 | d393eda92218fb28d4719259401d1db3e0731edb5b930170f2f951494d02fbc7; Download | Favorite | View

Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection: Posted Jun 6, 2022; Authored by Johannes Kruchem | Site sec-consult.com; Poly Studio X30, Studio X50, Studio X70, and G7500 versions 3.4.0-292042, 3.5.0-344025, and 3.6.0 suffers from an authenticated command injection vulnerability.; tags | exploit; advisories | CVE-2022-26481; SHA-256 | 924a951f490c6e59775e62eb12780f10e62f6d7f2146393b9885a0aa17849cbd; Download | Favorite | View

Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass: Posted Jun 6, 2022; Authored by Johannes Kruchem | Site sec-consult.com; Poly EagleEye Director II version 2.2.1.1 suffers from multiple authenticated remote command injection vulnerabilities as well as an authentication bypass vulnerability.; tags | exploit, remote, vulnerability, bypass; advisories | CVE-2022-26479, CVE-2022-26482; SHA-256 | 65f5c3af9c0467b68e4a064f7a3e889a40685745b50fa1cc3d5360a1e5ea20c4; Download | Favorite | View

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape: Posted May 13, 2022; Authored by W. Schober, Johannes Kruchem | Site sec-consult.com; Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.; tags | exploit, root, vulnerability; advisories | CVE-2022-29586, CVE-2022-29587, CVE-2022-29588; SHA-256 | 57e210f71bf42a3b11e36e7813fbbb82fccbd07555cd2d876285ea9c410da45c; Download | Favorite | View

Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation: Posted Apr 27, 2022; Authored by W. Schober, Johannes Kruchem | Site sec-consult.com; Miele Benchmark Programming Tool versions 1.1.49 and 1.2.71 suffer from a privilege escalation vulnerability.; tags | exploit; advisories | CVE-2022-22521; SHA-256 | d9c54518c9774d14210fa309ae32ce7bf54eac2d1ed82cd249dec9506f8662c7; Download | Favorite | View

Rittal Products Bypass / Command Injection / Privilege Escalation: Posted Jul 10, 2020; Authored by Johannes Kruchem, C. Svoboda | Site sec-consult.com; Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PDU (whole portfolio), LCP-CW, and IoT Interface 3124.300.; tags | exploit, vulnerability; advisories | CVE-2020-11951, CVE-2020-11952, CVE-2020-11953, CVE-2020-11955, CVE-2020-11956; SHA-256 | 9d5e13a39f03bb1911253ad043b021ed88fe002de985be551eb7fc9a7aafa105; Download | Favorite | View

ZOHO ManageEngine ServiceDeskPlus 11.0 Build 11007 Cross Site Scripting: Posted Jan 22, 2020; Authored by Johannes Kruchem | Site sec-consult.com; ZOHO ManageEngine ServiceDeskPlus versions 11.0 Build 11007 and below suffer from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2020-6843; SHA-256 | f632ef85f28ad70bb9342601a5f35a98d661dd706019e37f2cc899fa7c91121f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days