exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from T Shiomitsu

Cisco RV Authentication Bypass / Code Execution

Posted Apr 20, 2021

Authored by T Shiomitsu | Site iot-inspector.com

Cisco RV-series routers suffer from an authentication bypass vulnerability. The RV34X series are also affected by a command injection vulnerability in the sessionid cookie, when requesting the /upload endpoint. A combination of these issues would allow any person who is able to communicate with the web interface to run arbitrary system commands on the router as the www-data user. Vulnerable versions include RV16X/RV26X versions 1.0.01.02 and below and RV34X versions 1.0.03.20 and below.

tags | exploit, web, arbitrary, bypass

systems | cisco

advisories | CVE-2021-1472, CVE-2021-1473

SHA-256 | f3c8685d841186aca43bc22f8ed2b32e8512c7730129f2ed6fe20f360378fa91

Download | Favorite | View

D-Link DIR-3060 1.11b04 Command Injection

Posted Mar 12, 2021

Authored by T Shiomitsu | Site iot-inspector.com

D-Link DIR-3060 versions 1.11b04 and below suffer from an authenticated command injection vulnerability.

tags | exploit

advisories | CVE-2021-28144

SHA-256 | 934dc62fa5f0b5a818763d562c797ed8d79104a93d069761cc9dcaa5f0408e44

Download | Favorite | View