exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from David Gnedt

First Active2018-10-12
Last Active2024-01-26
CloudLinux CageFS 7.0.8-2 Insufficiently Restricted Proxy Command
Posted Jan 26, 2024
Authored by David Gnedt | Site sba-research.org

CloudLinux CageFS versions 7.0.8-2 and below insufficiently restrict file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.

tags | exploit, arbitrary, local
advisories | CVE-2020-36772
SHA-256 | 7cfae83fd5939609459b8ed98a7edecfd614eb3c5cd3373d9da412bc106b20d1
CloudLinux CageFS 7.1.1-1 Token Disclosure
Posted Jan 26, 2024
Authored by David Gnedt | Site sba-research.org

CloudLinux CageFS versions 7.1.1-1 and below pass the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.

tags | exploit, local, code execution
advisories | CVE-2020-36771
SHA-256 | 437f367ac50c53712ae264b28731e8929e461079e8ff05355b97f16fb6c32a55
MOKOSmart MKGW1 Gateway Improper Session Management
Posted Dec 20, 2023
Authored by David Gnedt, Jakob Hagl | Site sba-research.org

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device.

tags | exploit, web
SHA-256 | c694be2f3aeadf3e34a15c75c0c332496dca8eac6b5590d03759fec352bbdae6
Teltonika RUT9XX Reflected Cross Site Scripting
Posted Oct 12, 2018
Authored by David Gnedt | Site sba-research.org

Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization.

tags | exploit, cgi, vulnerability, xss
advisories | CVE-2018-17533
SHA-256 | 4cce626d1539e2d1d2f295b036e17ec9f4779d6658a6a91f1e7574c7c10e9d5d
Teltonika RUT9XX Missing Access Control To UART Root Terminal
Posted Oct 12, 2018
Authored by David Gnedt | Site sba-research.org

Teltonika RUT9XX routers with firmware before 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.

tags | exploit, arbitrary, root
advisories | CVE-2018-17534
SHA-256 | e9d45ff879f8d592742af5d9401af535a0057ffab7ca2663e9027078fd59edd6
Teltonika RUT9XX Unauthenticated OS Command Injection
Posted Oct 12, 2018
Authored by David Gnedt | Site sba-research.org

Teltonika RUT9XX routers with firmware before 00.04.233 are prone to multiple unauthenticated OS command injection vulnerabilities in autologin.cgi and hotspotlogin.cgi due to insufficient user input sanitization. This allows remote attackers to execute arbitrary commands with root privileges.

tags | exploit, remote, arbitrary, cgi, root, vulnerability
advisories | CVE-2018-17532
SHA-256 | 3b891e67dc7f84a78fafd4de519a7224bdb6d898a5ad5c79db67551a91fc0d24
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close