exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Steffen Robertz

First Active2020-11-24
Last Active2023-07-11
Siemens A8000 CP-8050 / CP-8031 Code Execution / Command Injection
Posted Jul 11, 2023
Authored by Gerhard Hechenberger, Steffen Robertz, Constantin Schieber-Knoebl, Stefan Viehbock, Gorazd Jank, Christian Hager | Site sec-consult.com

Siemens A8000 CP-8050 and CP-8031 MASTER MODULE versions 04.92 and below suffer from remote code execution, command injection, hard-coded password, and console login vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2023-28489, CVE-2023-33919, CVE-2023-33920, CVE-2023-33921
SHA-256 | 61cdf36c1ecb8a689b5d1609b70af4afbbfe93f06571b226262e46776c6f150b
Zyxel Unauthenticated LAN Remote Code Execution
Posted Mar 22, 2023
Authored by Stefan Viehboeck, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site metasploit.com

This Metasploit module exploits a buffer overflow in the zhttpd binary (/bin/zhttpd). It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host.

tags | exploit, overflow, root, code execution
SHA-256 | fc9419af3871336277cafde42125966d876812e4e57c8b48da3a83050219381f
Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication
Posted Mar 7, 2023
Authored by Steffen Robertz | Site sec-consult.com

Arris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2023-27571, CVE-2023-27572
SHA-256 | c86cd78224d0a1dc11fa8725e61327ea16bc608bd258e5251a6ecfda7f8bb033
B&R Systems Diagnostics Manager Cross Site Scripting
Posted Feb 15, 2023
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

B&R Systems Diagnostics Manager versions above or equal to 3.00 and below or equal to C4.93 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2022-4286
SHA-256 | 73c092297c794cf9f02f7442ef627100dbeb5b3e8758091b6d6bf2c262200495
Zhuhai Suny Technology ESL Tag Forgery / Replay Attacks
Posted Dec 9, 2022
Authored by Steffen Robertz | Site sec-consult.com

Zhuhai Suny Technology ESL Tag suffers from replay attacks and a forgery attack allowing for the displaying of arbitrary contents.

tags | exploit, arbitrary
advisories | CVE-2022-45914
SHA-256 | 8a27a8ec1a40c485612406d067e803d86d138460771fe55dd5f37c04f5c55870
Simmeth System GmbH Supplier Manager LFI / SQL Injection / Bypass
Posted Nov 15, 2022
Authored by Steffen Robertz | Site sec-consult.com

Simmeth System GmbH Supplier Manager (Lieferantenmanager) versions prior to 5.6 suffer from authentication bypass, code execution, cross site scripting, information leakage, remote SQL injection, and various other vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
advisories | CVE-2022-44012, CVE-2022-44013, CVE-2022-44014, CVE-2022-44015, CVE-2022-44016, CVE-2022-44017
SHA-256 | 6eddce047a1f5ab31ff59fc32cdd934d9a0dbd6474090fe26968d79a7d77daf2
COVESA 2.18.8 NULL Pointer Dereference / Heap Buffer Over-Read
Posted Sep 27, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz, T. Longin | Site sec-consult.com

COVESA versions 2.18.8 and below suffer from heap buffer over-read and null pointer dereference vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2022-39836, CVE-2022-39837
SHA-256 | 548515ca72e9a559204cae299150309e86e1f034ccca3a9cd876a5da99d81eb2
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
Posted Jun 20, 2022
Authored by Steffen Robertz | Site sec-consult.com

SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.

tags | exploit, remote, xss
advisories | CVE-2022-29034
SHA-256 | a3bce9850f8342f5aa74a6bc3820d1c8dfe51fd338fcf68fc68e9703dfacb807
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Posted Jun 20, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.

tags | exploit, java, vulnerability, xss
advisories | CVE-2022-30981, CVE-2022-30982
SHA-256 | e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3
Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials
Posted Jun 19, 2022
Authored by Florian Lienhart, Steffen Robertz | Site sec-consult.com

Infiray IRAY-A8Z3 thermal camera version 1.0.957 suffers from hardcoded web credential, authenticated remote code execution, buffer overflow, lack of password for root, and outdated software component vulnerabilities.

tags | exploit, remote, web, overflow, root, vulnerability, code execution
advisories | CVE-2022-31208, CVE-2022-31209, CVE-2022-31210, CVE-2022-31211
SHA-256 | 9d819d8481e8887a675b01f13926006193f4ee62a19071ae5db1494a8550bcb0
dbus-broker-29 Memory Corruption
Posted Jun 6, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz, T. Longin | Site sec-consult.com

dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues.

tags | exploit, vulnerability
advisories | CVE-2022-31212, CVE-2022-31213
SHA-256 | 1688a18cca9d3b422b451318fd542b12535ebb6ef1eb8f23ae56ff707d1b4659
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
Posted Apr 15, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.

tags | exploit, web, denial of service
advisories | CVE-2021-45034, CVE-2022-27480
SHA-256 | 7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dc
Zyxel Buffer Overflow / File Disclosure / CSRF / XSS / Broken Access Control
Posted Feb 17, 2022
Authored by Stefan Viehboeck, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Multiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, overflow, local, vulnerability, xss, csrf
SHA-256 | 0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
Posted Feb 4, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2021-34593
SHA-256 | 3baa93a2d3f1b5ab0f4e0408fec68f1c11444bf8af50dc66f28f63e877786d44
Cisco IP Phone Cleartext Password Storage
Posted Jan 17, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2022-20660
SHA-256 | 448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5
CODESYS 2.4.7.0 Denial Of Service
Posted Nov 1, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

CODESYS Runtime Toolkit 32-bit versions prior to 2.4.7.56 suffer from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2021-34593
SHA-256 | e2c08ed088508dee09719da1812fdba8c069873d79d63fec42f1375ec7b871d9
High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication
Posted Oct 6, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, protocol
SHA-256 | e3dfeccfa868c00933c774cf40a1a7c35ae63edfea2f05f80a5a710d97902941
NetModule Router Software Password Handling / Session Fixation
Posted Aug 20, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2021-39289, CVE-2021-39290, CVE-2021-39291
SHA-256 | 55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6
SIS-REWE GO 7.5.0/12C Cross Site Scripting
Posted May 11, 2021
Authored by Florian Lienhart, Steffen Robertz | Site sec-consult.com

SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-31537
SHA-256 | cf57e1ea5b94b158d4041349a0500d013dd5f4797be8de63faf32cf9759b8347
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Posted Nov 24, 2020
Authored by T. Weber, Steffen Robertz | Site sec-consult.com

ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 2ad4c83e851b5a6d905cd41028173a338d0361610fcbc55e00ab71b116573c19
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close