Showing 1 - 6 of 6

Files from Ryan Delaney

Sagemcom F@ST 5280 Privilege Escalation: Posted Sep 1, 2020; Authored by Ryan Delaney; Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.; tags | exploit; advisories | CVE-2020-24034; SHA-256 | b749b45a358358330f8fd5f3cec1a2eb0a30872b9d8f5cd95aaf47010c1890ef; Download | Favorite | View

Verint Impact 360 15.1 Cross Site Request Forgery: Posted Jul 14, 2020; Authored by Ryan Delaney; Verint Impact 360 version 15.1 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2019-12784; SHA-256 | 8c1ec5a43ee4412962b923d2c0abe80de645b915f6144f18aa147efd40de3464; Download | Favorite | View

Verint Impact 360 15.1 Open Redirect: Posted Jul 14, 2020; Authored by Ryan Delaney; Verint Impact 360 version 15.1 suffers from an open redirection vulnerability.; tags | exploit; advisories | CVE-2019-12783; SHA-256 | f865cfc6fcac1fa347c28f60b5047a71f7ccd1d751dcc60cb93b1f3ddbca5721; Download | Favorite | View

Verint Impact 360 15.1 Script Insertion / HTML Injection: Posted Jul 14, 2020; Authored by Ryan Delaney; Verint Impact 360 version 15.1 has an issue where the helpURL parameter in wfo/help/help_popup.jsp can be changed to embed arbitrary content inside of an iFrame. Attackers may use this in conjunction with social engineering to embed malicious scripts or phishing pages on a site where this product is installed, given the attacker can convince a victim to visit a crafted link.; tags | exploit, arbitrary, xss; advisories | CVE-2019-12773; SHA-256 | 037db083b292ddba6c882f5cb6d036f5ab65f22b3161e14d9ede682bd0105457; Download | Favorite | View

Sagemcom Router Insufficient Default PSK Entropy: Posted Mar 5, 2019; Authored by Ryan Delaney; Sagemcom F@st 5260 routers on firmware version 0.4.39 (and possibly others), in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small.; tags | exploit; advisories | CVE-2019-9555; SHA-256 | c2db5ec63dcee8bb5c083080884392540c1d051134888b5324d8f89c4c0cb50d; Download | Favorite | View

Budabot 4.0 Denial Of Service: Posted Nov 16, 2018; Authored by Ryan Delaney; Budabot versions 0.6 through 4.0 suffer from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2018-19290; SHA-256 | a8620cfd1ed239f5a681eebba7f54e300e332b8a58ce2704698bd1ea6a629401; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days