Twenty Year Anniversary
Showing 1 - 25 of 585 RSS Feed

Files from LiquidWorm

Real NameGjoko Krstic
Email addressprivate
First Active2007-07-26
Last Active2018-11-19
View User Profile
Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery
Posted Nov 19, 2018
Authored by LiquidWorm | Site zeroscience.mk

Synaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | c58aeb7ef6b68b80d63bcfe2db7d1b15
Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass
Posted Nov 19, 2018
Authored by LiquidWorm | Site zeroscience.mk

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.

tags | exploit, cgi, bypass
MD5 | b35aa71589ba337fad0f50e2db1dd972
Microsoft Internet Explorer 11 Tree::Notify_InvalidateDisplay Null Pointer Dereference
Posted Nov 5, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microsoft Internet Explorer 11 suffers from a null pointer dereference vulnerability in Tree::Notify_InvalidateDisplay.

tags | exploit
MD5 | 25fc4b591fd4c93897c9727e2564bf0f
Anviz AIM CrossChex Standard 4.3 Excel Macro Injection
Posted Nov 1, 2018
Authored by LiquidWorm | Site zeroscience.mk

CSV (XLS) Injection (Excel Macro Injection or Formula Injection) exists in the AIM CrossChex version 4.3 when importing or exporting users using xls Excel file. This can be exploited to execute arbitrary commands on the affected system via SE attacks when an attacker inserts formula payload in the Name field when adding a user or using the custom fields Gender, Position, Phone, Birthday, Employ Date and Address. Upon importing, the application will launch Excel program and execute the malicious macro formula.

tags | exploit, arbitrary
MD5 | f17d0ab71ad68426099534dd08d3f455
TP-Link TL-SC3130 1.6.18 Unauthenticated RTSP Stream Disclosure
Posted Oct 17, 2018
Authored by LiquidWorm | Site zeroscience.mk

TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.

tags | exploit
advisories | CVE-2018-18428
MD5 | e029e95c170246483700a76a5b7644d8
FLIR Systems FLIR Brickstream 3D+ Unauthenticated RTSP Stream Disclosure
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated and unauthorized live RTSP video stream access.

tags | exploit
MD5 | c9e086de25a24942ecb2ff6455cc9e3a
FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

The FLIR Brickstream 3D+ sensor is vulnerable to unauthenticated config download and file disclosure vulnerability when calling the ExportConfig REST API (getConfigExportFile.cgi). This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.

tags | exploit, cgi
MD5 | 1713c8fd894c04a7b7bca5abd747a8a4
FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Hard-coded Credentials Shell Access
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

FLIR AX8 thermal sensor camera devices version 1.32.16 utilize hard-coded credentials within its Linux distribution image. These sets of credentials (SSH) are never exposed to the end-user and cannot be changed through any normal operation of the camera. Attacker could exploit this vulnerability by logging in using the default credentials for the web panel or gain shell access.

tags | exploit, web, shell
systems | linux
MD5 | 33ffa851ac663c1ab4b0b5c38033d8e6
FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Arbitrary File Disclosure
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

The FLIR AX8 thermal sensor camera version 1.32.16 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' parameter in download.php is not properly verified before being used to download config files. This can be exploited to disclose the contents of arbitrary files via absolute path.

tags | exploit, arbitrary, php
MD5 | acdaa748301edd2bc81cd2080da980c7
FLIR Systems FLIR AX8 Thermal Camera 1.32.16 RTSP Stream Disclosure
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

The FLIR AX8 thermal sensor camera version 1.32.16 suffers an unauthenticated and unauthorized live RTSP video stream access.

tags | exploit
MD5 | 12f0bc57b7afd9426d7045450ba3c350
FLIR Systems FLIR AX8 Thermal Camera 1.32.16 Remote Root
Posted Oct 15, 2018
Authored by LiquidWorm | Site zeroscience.mk

The FLIR AX8 thermal sensor camera version 1.32.16 suffers from two unauthenticated command injection vulnerabilities. The issues can be triggered when calling multiple unsanitized HTTP GET/POST parameters within the shell_exec function in res.php and palette.php file. This can be exploited to inject arbitrary system commands and gain root remote code execution.

tags | exploit, remote, web, arbitrary, root, php, vulnerability, code execution
MD5 | d06114bdae6c5e38a699adb6567a8ba2
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation
Posted Oct 8, 2018
Authored by LiquidWorm | Site zeroscience.mk

FLIR Systems FLIR thermal traffic cameras suffers from a websocket device manipulation vulnerability.

tags | exploit
MD5 | 1758b25f8d73cbe768557470cb4ec024
FLIR Systems FLIR Thermal Traffic Cameras RTSP Stream Disclosure
Posted Oct 8, 2018
Authored by LiquidWorm | Site zeroscience.mk

FLIR Systems FLIR thermal traffic cameras suffer from an RTSP stream disclosure vulnerability.

tags | exploit
MD5 | 500bbb1808ed3b7c4e433fc3334c1985
NovaRad NovaPACS Diagnostics Viewer 8.5 File Disclosure
Posted Sep 5, 2018
Authored by LiquidWorm | Site zeroscience.mk

NovaRad NovaPACS Diagnostics Viewer version 8.5 suffers from an XML external entity injection vulnerability that allows for file disclosure.

tags | exploit
MD5 | e85d4489d58f26bca437667c877df4a6
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Backdoor Jailbreak
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have a web shell application that includes a service called Microhard Sh that is documented only as 'reserved for internal use'. This service can be enabled by an authenticated user within the Services menu in the web admin panel. This can also be enabled via CSRF attack. When the service is enabled, a user 'msshc' is created on the system with password 'msshc' for SSH shell access on port 22. When connected, the user is dropped into a NcFTP jailed environment, that has limited commands for file transfer administration. One of the commands is a custom added 'ping' command that has a command injection vulnerability that allows the attacker to escape the restricted environment and enter into a root shell terminal that can execute commands as the root user. Many versions are affected.

tags | exploit, web, shell, root
MD5 | 3679d738983dec17aa3243aa408c3212
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Open Redirect
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from an open redirection vulnerability. Many versions are affected.

tags | exploit
MD5 | afbbf88e9876ec95b9eb0b84ade6d536
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Configuration Download
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from a system backup configuration file 'IPn4G.config' in '/' directory or its respective name based on the model name including the similar files in '/www/cgi-bin/system.conf', '/tmp' and the cli.conf in '/etc/m_cli/' can be downloaded by an authenticated attacker in certain circumstances. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access. Many versions are affected.

tags | exploit, cgi
MD5 | e8955597bdd0224a62bfdb870b980cf0
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Arbitrary File Attacks
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from an issue where due to the hidden and undocumented File Editor (Filesystem Browser) shell script 'system-editor.sh' an attacker can leverage this issue to read, modify or delete arbitrary files on the system. Input passed thru the 'path' and 'savefile', 'edit' and 'delfile' GET and POST parameters is not properly sanitized before being used to modify files. This can be exploited by an authenticated attacker to read or modify arbitrary files on the affected system. Many versions are affected.

tags | exploit, arbitrary, shell
MD5 | c7aa24d69a51dbc46e0636cc8eb7baae
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Hidden Features
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have undocumented and hidden features present via the web management interface. These features allow an authenticated attacker to take full control of the device and/or modify internal OS settings, read arbitrary files or even render the device unusable. Many versions are affected.

tags | exploit, web, arbitrary
MD5 | 4a92f4d86bb220e897be6dc5df1fa026
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have an undocumented and hidden feature that allows an authenticated attacker to list running processes in the operating system and send arbitrary signals to kill any process running in the background including starting and stopping system services. This impacts availability and can be triggered also by CSRF attacks that requires device restart and/or factory reset to rollback malicious changes. Many versions are affected.

tags | exploit, arbitrary
MD5 | c7e76548cf7a9abfd546cfa5d7af587e
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from multiple authenticated arbitrary remote code execution vulnerabilities with highest privileges. This is due to multiple hidden and undocumented features within the admin interface that allows an attacker to create crontab jobs and/or modify the system startup script that allows execution of arbitrary code as root user. Many versions are affected.

tags | exploit, remote, arbitrary, root, vulnerability, code execution
MD5 | 21e4fe6dfbdca8fc7b0eeebde7b04dd1
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Default Credentials
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems utilize hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the gateway. Another vulnerability could allow an authenticated attacker to gain root access. The vulnerability is due to default credentials. An attacker could exploit this vulnerability by logging in using the default credentials. Many versions are affected.

tags | exploit, root
systems | linux
MD5 | 4e3004d8f3c50bedebecb9cbb12651ff
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway CSRF
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems allow users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Many versions are affected.

tags | exploit, web
MD5 | 1c9d0c91aa832d5b885abfebe7855448
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway XSS
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems are prone to multiple reflected and stored cross-site scripting vulnerabilities due to a failure to properly sanitize user-supplied input to several parameters that are handled by various servlets. Attackers can exploit this issue to execute arbitrary HTML and script code in a user's browser session. Many versions are affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 4335daff61aee85b79cf9f7773893b4c
Ecessa ShieldLink SL175EHQ 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa ShieldLink SL175EHQ version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8a8c1de2a67b10c2994223ebb10d07b6
Page 1 of 24
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close