exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files from Steffen Robertz

First Active2020-11-24
Last Active2022-06-20
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
Posted Jun 20, 2022
Authored by Steffen Robertz | Site sec-consult.com

SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.

tags | exploit, remote, xss
advisories | CVE-2022-29034
SHA-256 | a3bce9850f8342f5aa74a6bc3820d1c8dfe51fd338fcf68fc68e9703dfacb807
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Posted Jun 20, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.

tags | exploit, java, vulnerability, xss
advisories | CVE-2022-30981, CVE-2022-30982
SHA-256 | e4580392eca1aaa2baef87c51030e06d2fcb0c618e86aa5b369549cadf1c84c3
Infiray IRAY-A8Z3 1.0.957 Code Execution / Overflow / Hardcoded Credentials
Posted Jun 19, 2022
Authored by Florian Lienhart, Steffen Robertz | Site sec-consult.com

Infiray IRAY-A8Z3 thermal camera version 1.0.957 suffers from hardcoded web credential, authenticated remote code execution, buffer overflow, lack of password for root, and outdated software component vulnerabilities.

tags | exploit, remote, web, overflow, root, vulnerability, code execution
advisories | CVE-2022-31208, CVE-2022-31209, CVE-2022-31210, CVE-2022-31211
SHA-256 | 9d819d8481e8887a675b01f13926006193f4ee62a19071ae5db1494a8550bcb0
dbus-broker-29 Memory Corruption
Posted Jun 6, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz, T. Longin | Site sec-consult.com

dbus-broker-29 suffers from multiple memory corruption vulnerabilities. dbus-broker-31 addresses these issues.

tags | exploit, vulnerability
advisories | CVE-2022-31212, CVE-2022-31213
SHA-256 | 1688a18cca9d3b422b451318fd542b12535ebb6ef1eb8f23ae56ff707d1b4659
Siemens A8000 CP-8050/CP-8031 SICAM WEB Missing File Download / Missing Authentication
Posted Apr 15, 2022
Authored by T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Siemens A8000 CP-8050/CP-8031 SICAM WEB suffers from denial of service and a missing authentication vulnerability that allows for file download.

tags | exploit, web, denial of service
advisories | CVE-2021-45034, CVE-2022-27480
SHA-256 | 7f0a0ec0c017ac5bb71670246359ab27291e0f6543e3a3b66f3b4ecf9cd874dc
Zyxel Buffer Overflow / File Disclosure / CSRF / XSS / Broken Access Control
Posted Feb 17, 2022
Authored by Stefan Viehbock, T. Weber, Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Multiple Zyxel devices suffer from buffer overflow, local file disclosure, unsafe storage of sensitive data, command injection, broken access control, symbolic link processing, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, overflow, local, vulnerability, xss, csrf
SHA-256 | 0ba1f45b7a5254a119e2a3aeddf4279392e2e0120fe45790d15563c4eadf7fd2
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
Posted Feb 4, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2021-34593
SHA-256 | 3baa93a2d3f1b5ab0f4e0408fec68f1c11444bf8af50dc66f28f63e877786d44
Cisco IP Phone Cleartext Password Storage
Posted Jan 17, 2022
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2022-20660
SHA-256 | 448c7c5cfcae3fc7bd414ad5be07cfbb1b7d955c723ac1c0f73d5e456f4c69e5
CODESYS 2.4.7.0 Denial Of Service
Posted Nov 1, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

CODESYS Runtime Toolkit 32-bit versions prior to 2.4.7.56 suffer from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2021-34593
SHA-256 | e2c08ed088508dee09719da1812fdba8c069873d79d63fec42f1375ec7b871d9
High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication
Posted Oct 6, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography, insufficient message protocol checks, device spoofing, outdated components, and weak default credential vulnerabilities. suffers from bypass, man-in-the-middle, and spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, protocol
SHA-256 | e3dfeccfa868c00933c774cf40a1a7c35ae63edfea2f05f80a5a710d97902941
NetModule Router Software Password Handling / Session Fixation
Posted Aug 20, 2021
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2021-39289, CVE-2021-39290, CVE-2021-39291
SHA-256 | 55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6
SIS-REWE GO 7.5.0/12C Cross Site Scripting
Posted May 11, 2021
Authored by Florian Lienhart, Steffen Robertz | Site sec-consult.com

SIS-REWE GO version 7.5.0/12C suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-31537
SHA-256 | cf57e1ea5b94b158d4041349a0500d013dd5f4797be8de63faf32cf9759b8347
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Posted Nov 24, 2020
Authored by T. Weber, Steffen Robertz | Site sec-consult.com

ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 2ad4c83e851b5a6d905cd41028173a338d0361610fcbc55e00ab71b116573c19
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close