what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files from Gerhard Hechenberger

First Active2020-10-12
Last Active2023-07-11
Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
Posted Jul 11, 2023
Authored by Gerhard Hechenberger, Steffen Robertz, Constantin Schieber-Knoebl, Stefan Viehbock, Gorazd Jank, Christian Hager | Site sec-consult.com

Siemens A8000 CP-8050 and CP-8031 MASTER MODULE versions 04.92 and below suffer from remote code execution, command injection, hard-coded password, and console login vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2023-28489, CVE-2023-33919, CVE-2023-33920, CVE-2023-33921
SHA-256 | 61cdf36c1ecb8a689b5d1609b70af4afbbfe93f06571b226262e46776c6f150b
Zyxel Unauthenticated LAN Remote Code Execution
Posted Mar 22, 2023
Authored by Stefan Viehboeck, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site metasploit.com

This Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.

tags | exploit, overflow, root, code execution
SHA-256 | fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381f
B&R Systems Diagnostics Manager Cross Site Scripting
Posted Feb 15, 2023
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-4286
SHA-256 | 73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
Posted Sep 27, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz, T. Longin | Site sec-consult.com

COVESA versions 2.18.8 and below suffer from heap buffer over-read and null pointer dereference vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2022-39836, CVE-2022-39837
SHA-256 | 548515ca72e9a559204cae299150309e86e1f034ccca3a9cd876a5da99d81eb2
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Posted Jun 20, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.

tags | exploit, java, vulnerability, xss
advisories | CVE-2022-30981, CVE-2022-30982
SHA-256 | e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3
dbus-broker-29 Memory Corruption
Posted Jun 6, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz, T. Longin | Site sec-consult.com

dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues.

tags | exploit, vulnerability
advisories | CVE-2022-31212, CVE-2022-31213
SHA-256 | 1688a18cca9d3b422b451318fd542b12535ebb6ef1eb8f23ae56ff707d1b4659
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
Posted Apr 15, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.

tags | exploit, web, denial of service
advisories | CVE-2021-45034, CVE-2022-27480
SHA-256 | 7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dc
Zyxel Buffer Overflow / File Disclosure / CSRF / XSS / Broken Access Control
Posted Feb 17, 2022
Authored by Stefan Viehboeck, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Multiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, overflow, local, vulnerability, xss, csrf
SHA-256 | 0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
Posted Feb 4, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2021-34593
SHA-256 | 3baa93a2d3f1b5ab0f4e0408fec68f1c11444bf8af50dc66f28f63e877786d44
Cisco IP Phone Cleartext Password Storage
Posted Jan 17, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2022-20660
SHA-256 | 448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5
CODESYS 2.4.7.0 Denial Of Service
Posted Nov 1, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

CODESYS Runtime Toolkit 32-bit versions prior to 2.4.7.56 suffer from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2021-34593
SHA-256 | e2c08ed088508dee09719da1812fdba8c069873d79d63fec42f1375ec7b871d9
High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication
Posted Oct 6, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, protocol
SHA-256 | e3dfeccfa868c00933c774cf40a1a7c35ae63edfea2f05f80a5a710d97902941
NetModule Router Software Password Handling / Session Fixation
Posted Aug 20, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2021-39289, CVE-2021-39290, CVE-2021-39291
SHA-256 | 55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6
Sage DPW 2020_06_000 / 2020_06_001 XSS / File Upload
Posted Oct 12, 2020
Authored by Gerhard Hechenberger, Stefan Michlits | Site sec-consult.com

Sage DPW versions 2020_06_000 and 2020_06_001 suffer from cross site scripting and unauthenticated malicious file upload vulnerabilities.

tags | exploit, vulnerability, xss, file upload
advisories | CVE-2020-26583, CVE-2020-26584
SHA-256 | f2de58f82000bc1abcc7ceb06fb7e03de637fb816729b8a026fe3a6815942177
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close