what you don't know can hurt you
Showing 1 - 25 of 510 RSS Feed

Files from LiquidWorm

Real NameGjoko Krstic
Email addressprivate
First Active2007-07-26
Last Active2017-07-14
View User Profile
Dasan Networks GPON ONT WiFi Router H64X Series System Config Download
Posted Jul 14, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a system configuration download vulnerability.

tags | exploit
MD5 | 32c6926d4b55f78a96e9330f3313ccb5
Dasan Networks GPON ONT WiFi Router H64X Series Privilege Escalation
Posted Jul 13, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 870b4516ab12344f5a3e0b816499e21a
Dasan Networks GPON ONT WiFi Router H64X Series Cross Site Request Forgery
Posted Jul 13, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f8789c203d45686a1478547c8f7ef85b
Dasan Networks GPON ONT WiFi Router H64X Series Authentication Bypass
Posted Jul 13, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series does not properly perform authentication and authorization, allowing it to be bypassed through cookie manipulation. Setting the Cookie 'Grant' with value 1 (user) or 2 (admin) will bypass security controls in place enabling the attacker to take full control of the device management interface.

tags | exploit
MD5 | 2ac46a8fae0efacc57a1d3723fb041cc
Schneider Electric Pelco VideoXpert Missing Encryption
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Schneider Electric Pelco VideoXpert transmits sensitive data using double Base64 encoding for the Cookie 'auth_token' in a communication channel that can be sniffed by unauthorized actors or arbitrarily be read from the vxcore log file directly using directory traversal attack resulting in authentication bypass / session hijacking.

tags | exploit
MD5 | 29d6a13171a92249a789a85e02531e9e
Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server.

tags | exploit, web, arbitrary
MD5 | dfa0df3c855819b71c9869725eccb056
Schneider Electric Pelco VideoXpert Privilege Escalation
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Schneider Electric Pelco VideoXpert is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (full) for the 'Users' group, for several binary files. The service is installed by default to start on system boot with LocalSystem privileges. Attackers can replace the binary with their rootkit, and on reboot they get SYSTEM privileges.

tags | exploit
MD5 | 2fe804940583feed8e2672643c87628d
Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Pelco IP cameras suffer from a code execution vulnerability. The affected cameras suffer from authenticated remote code execution vulnerability. The POST parameter 'enable_leds' located in the update() function called via the GeneralSetupController.php script is not properly sanitised before being used in writeLedConfig() function to enable led state to on or off. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges using a specially crafted request and escape sequence to system shell.

tags | exploit, remote, arbitrary, shell, root, php, code execution
MD5 | f60def224c0da5db858f33bf6eef0e47
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Pelco IP cameras suffer from a cross site request forgery vulnerability. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web, csrf
MD5 | 7cab066459f46bedf6175289966aec2e
Schneider Electric Pelco Sarix/Spectra Cameras XSS
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Pelco cameras suffer from multiple dom-based, stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

tags | exploit, arbitrary, vulnerability
MD5 | 7f8219b6e322e2f71ec72c2c608d1040
SimpleRisk 20170416-001 Cross Site Scripting
Posted Jun 22, 2017
Authored by LiquidWorm | Site zeroscience.mk

SimpleRisk version 20170416-001 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cc6ee041f9ef0acdd8e3fb8dbdcb6dfb
EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution
Posted Jun 4, 2017
Authored by LiquidWorm | Site zeroscience.mk

EnGenius EnShare suffers from an unauthenticated command injection vulnerability in which an attacker can inject and execute arbitrary code as the root user via the 'path' GET/POST parameter parsed by 'usbinteract.cgi' script.

tags | exploit, arbitrary, cgi, root
MD5 | 6051f5e6ab0341318d0a8979089a82be
OV3 Online Administration 3.0 SQL Injection
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | b45182a216390d5400da665f979cc9ad
OV3 Online Administration 3.0 Authenticated Code Execution
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 4836439cfaece2fea647cf5c5b5bc314
OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.

tags | exploit, arbitrary
MD5 | d59ba0c9c85323843417e3b44d2fa62b
CERIO 11nbg 2.4Ghz High Power Wireless Router (pekcmd) Rootshell Backdoors
Posted May 29, 2017
Authored by LiquidWorm | Site zeroscience.mk

CERIO 11nbg 2.4Ghz high power wireless router (pekcmd) has multiple backdoor accounts that yield rootshells.

tags | exploit
MD5 | 624f0bc5afb62a9c9c86abe9e5434ea1
Serviio Media Server checkStreamUrl Command Execution
Posted May 17, 2017
Authored by LiquidWorm, Brendan Coles | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which which does not require authentication. The 'action' API endpoint does not sufficiently sanitize user-supplied data in the 'VIDEO' parameter of the 'checkStreamUrl' method. This parameter is used in a call to cmd.exe resulting in execution of arbitrary commands. This Metasploit module has been tested successfully on Serviio Media Server versions 1.4.0, 1.5.0, 1.6.0 and 1.8.0 on Windows 7.

tags | exploit, remote, arbitrary
systems | windows, 7
advisories | OSVDB-41961
MD5 | ab1da9f50ece75772d5c07e501778759
Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Code Execution
Posted May 4, 2017
Authored by LiquidWorm | Site zeroscience.mk

Serviio PRO DLNA Media Streaming Server version 1.8.0.0 PRO, 1.7.1, 1.7.0, and 1.6.1 suffers from a REST API arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | dbad305e3ceb6461169d99bb0474ce62
Serviio PRO 1.8 DLNA Media Streaming Server REST API Arbitrary Password Change
Posted May 4, 2017
Authored by LiquidWorm | Site zeroscience.mk

Serviio PRO DLNA Media Streaming Server versions 1.8.0.0 PRO, 1.7.1, 1.7.0, and 1.6.1 suffer from a REST API arbitrary password change vulnerability.

tags | exploit, arbitrary
MD5 | 8a0c31328a98d804ec31c0e9735904ee
Serviio PRO 1.8 DLNA Media Streaming Server Local Privilege Escalation
Posted May 3, 2017
Authored by LiquidWorm | Site zeroscience.mk

Serviio PRO DLNA Media Streaming Server version 1.8.0.0 PRO suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 3c3bc91b4d62206bd85ee70253cc3f43
Serviio PRO 1.8 DLNA Media Streaming Server (mediabrowser) XSS
Posted May 3, 2017
Authored by LiquidWorm | Site zeroscience.mk

Serviio PRO DLNA Media Streaming Server version 1.8.0.0 PRO, 1.7.1, 1.7.0, and 1.6.1 suffer from a mediabrowser cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9134e53bdc429fd3b0afdb257596d9f7
Serviio PRO 1.8 DLNA Media Streaming Server REST API Information Disclosure
Posted May 3, 2017
Authored by LiquidWorm | Site zeroscience.mk

Serviio PRO 1.8 DLNA Media Streaming Server version 1.8.0.0 PRO, 1.7.1, 1.7.0, and 1.6.1 suffer from a REST API information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 65614cca99e652ccba1c1aff4bc441e4
Emby MediaServer 3.2.5 Directory Traversal
Posted Apr 30, 2017
Authored by LiquidWorm | Site zeroscience.mk

Emby MediaServer version 3.2.5 suffers from a directory traversal vulnerability that allows for arbitrary file disclosure.

tags | exploit, arbitrary
MD5 | d0e77200f0f0e8207eb440954f30658f
Emby MediaServer 3.2.5 Reflected Cross Site Scripting
Posted Apr 30, 2017
Authored by LiquidWorm | Site zeroscience.mk

Emby MediaServer version 3.2.5 suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the URL path filename when handling 'not found' errors. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary
MD5 | de3ade950678067a800aa9e801f9765d
Emby MediaServer 3.2.5 Password Reset
Posted Apr 30, 2017
Authored by LiquidWorm | Site zeroscience.mk

Emby MediaServer version 3.2.5 suffers from a password reset vulnerability.

tags | exploit
MD5 | 6893ef995ae09d29119938b846edec45
Page 1 of 21
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close