exploit the possibilities
Showing 26 - 50 of 592 RSS Feed

Files from LiquidWorm

Real NameGjoko Krstic
Email addressprivate
First Active2007-07-26
Last Active2019-02-05
View User Profile
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Hidden Features
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have undocumented and hidden features present via the web management interface. These features allow an authenticated attacker to take full control of the device and/or modify internal OS settings, read arbitrary files or even render the device unusable. Many versions are affected.

tags | exploit, web, arbitrary
MD5 | 4a92f4d86bb220e897be6dc5df1fa026
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have an undocumented and hidden feature that allows an authenticated attacker to list running processes in the operating system and send arbitrary signals to kill any process running in the background including starting and stopping system services. This impacts availability and can be triggered also by CSRF attacks that requires device restart and/or factory reset to rollback malicious changes. Many versions are affected.

tags | exploit, arbitrary
MD5 | c7e76548cf7a9abfd546cfa5d7af587e
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from multiple authenticated arbitrary remote code execution vulnerabilities with highest privileges. This is due to multiple hidden and undocumented features within the admin interface that allows an attacker to create crontab jobs and/or modify the system startup script that allows execution of arbitrary code as root user. Many versions are affected.

tags | exploit, remote, arbitrary, root, vulnerability, code execution
MD5 | 21e4fe6dfbdca8fc7b0eeebde7b04dd1
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Default Credentials
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems utilize hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the gateway. Another vulnerability could allow an authenticated attacker to gain root access. The vulnerability is due to default credentials. An attacker could exploit this vulnerability by logging in using the default credentials. Many versions are affected.

tags | exploit, root
systems | linux
MD5 | 4e3004d8f3c50bedebecb9cbb12651ff
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway CSRF
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems allow users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Many versions are affected.

tags | exploit, web
MD5 | 1c9d0c91aa832d5b885abfebe7855448
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway XSS
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems are prone to multiple reflected and stored cross-site scripting vulnerabilities due to a failure to properly sanitize user-supplied input to several parameters that are handled by various servlets. Attackers can exploit this issue to execute arbitrary HTML and script code in a user's browser session. Many versions are affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 4335daff61aee85b79cf9f7773893b4c
Ecessa ShieldLink SL175EHQ 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa ShieldLink SL175EHQ version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8a8c1de2a67b10c2994223ebb10d07b6
Ecessa WANWorx WVR-30 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa WANWorx WVR-30 version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f9ae008e6a2e97e05d2523eb4a0e7f95
Ecessa Edge EV150 10.7.4 Add Superuser Cross Site Request Forgery
Posted Jun 25, 2018
Authored by LiquidWorm | Site zeroscience.mk

Ecessa Edge EV150 version 10.7.4 suffers from an add superuser cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 32235352c43c1764ff3761997d4f28eb
Rockwell Automation RSLinx Classic / FactoryTalk Linx Gateway Privilege Escalation
Posted Jun 13, 2018
Authored by LiquidWorm | Site zeroscience.mk

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible.

tags | exploit
advisories | CVE-2018-10619
MD5 | 59c9bf7a610c8becf0674a228bcebf7b
GNU Barcode 0.99 Memory Leak
Posted May 30, 2018
Authored by LiquidWorm | Site zeroscience.mk

GNU Barcode version 0.99 suffers from a memory leak vulnerability.

tags | exploit, memory leak
MD5 | d0eee2c339964fbd4ec3ae2aaa49f342
GNU Barcode 0.99 Buffer Overflow
Posted May 29, 2018
Authored by LiquidWorm | Site zeroscience.mk

GNU Barcode version 0.99 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | f073b26e93b2412c4eebf8bf6a859fb8
Epic Games Launcher 7.9.4-4058369 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Launcher version 7.9.4-4058369 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 7fa8529b91bb7a5f82012456098247bf
Epic Games Fortnite 4.2-CL-4072250 Insecure File Permissions
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Epic Games Fortnite version 4.2-CL-4072250 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 53874ec8a31c983f1f18e22c35e62744
Teradek VidiU Pro 3.0.3 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek VidiU Pro version 3.0.3 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 85f74b0bec8310d4a27675d34c91fdcf
Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 0cf6b30e0f45999cc94c85ea740b66ed
Teradek T-RAX 7.3.2 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek T-RAX version 7.3.2 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | b94d2810cd0ee343c10b24d906ad3e7d
Teradek Slice 7.3.15 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Slice version 7.3.15 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | c4cc6381be728820054867a92156d4a7
Teradek Cube 7.3.6 Change Password Cross Site Request Forgery
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a password changing cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 6ee2897fda34fa7704724bbd3ddae301
Teradek Cube 7.3.6 (snapshot.cgi) Stream Disclosure
Posted May 22, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek Cube version 7.3.6 suffers from a stream disclosure vulnerability in snapshot.cgi.

tags | exploit, cgi
MD5 | 4503c90da737c7d782d2b0c1ff45ad01
Teradek VidiU Pro 3.0.3 Change Password Cross Site Request Forgery
Posted May 21, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek VidiU Pro version 3.0.3 change password cross site request forgery exploit.

tags | exploit, csrf
MD5 | 115198b7fedbb857773cdf3075ec2c62
Teradek VidiU Pro 3.0.3 Server-Side Request Forgery
Posted May 21, 2018
Authored by LiquidWorm | Site zeroscience.mk

Teradek VidiU Pro version 3.0.3 suffers from a server-side request forgery vulnerability.

tags | exploit
MD5 | 488097c41ddd0c67e161fdff46ba8227
KYOCERA Multi-Set Template Editor 3.4 Out-Of-Band XML External Entity Injection
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability.

tags | exploit, xxe
MD5 | 0c8850a036da5916bbb8e718eccc4d21
KYOCERA Net Admin 3.4 Cross Site Request Forgery
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7ad8f76f1fae53993f2d3a96a9888f6f
KYOCERA Net Admin 3.4 Cross Site Scripting
Posted Apr 9, 2018
Authored by LiquidWorm | Site zeroscience.mk

KYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 018207298d9757ca292421d347ec5edb
Page 2 of 24
Back12345Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    32 Files
  • 20
    Feb 20th
    15 Files
  • 21
    Feb 21st
    17 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close