what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2018-07-16

Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Backdoor Jailbreak
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have a web shell application that includes a service called Microhard Sh that is documented only as 'reserved for internal use'. This service can be enabled by an authenticated user within the Services menu in the web admin panel. This can also be enabled via CSRF attack. When the service is enabled, a user 'msshc' is created on the system with password 'msshc' for SSH shell access on port 22. When connected, the user is dropped into a NcFTP jailed environment, that has limited commands for file transfer administration. One of the commands is a custom added 'ping' command that has a command injection vulnerability that allows the attacker to escape the restricted environment and enter into a root shell terminal that can execute commands as the root user. Many versions are affected.

tags | exploit, web, shell, root
MD5 | 3679d738983dec17aa3243aa408c3212
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Open Redirect
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from an open redirection vulnerability. Many versions are affected.

tags | exploit
MD5 | afbbf88e9876ec95b9eb0b84ade6d536
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Configuration Download
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from a system backup configuration file 'IPn4G.config' in '/' directory or its respective name based on the model name including the similar files in '/www/cgi-bin/system.conf', '/tmp' and the cli.conf in '/etc/m_cli/' can be downloaded by an authenticated attacker in certain circumstances. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access. Many versions are affected.

tags | exploit, cgi
MD5 | e8955597bdd0224a62bfdb870b980cf0
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Arbitrary File Attacks
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from an issue where due to the hidden and undocumented File Editor (Filesystem Browser) shell script 'system-editor.sh' an attacker can leverage this issue to read, modify or delete arbitrary files on the system. Input passed thru the 'path' and 'savefile', 'edit' and 'delfile' GET and POST parameters is not properly sanitized before being used to modify files. This can be exploited by an authenticated attacker to read or modify arbitrary files on the affected system. Many versions are affected.

tags | exploit, arbitrary, shell
MD5 | c7aa24d69a51dbc46e0636cc8eb7baae
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Hidden Features
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have undocumented and hidden features present via the web management interface. These features allow an authenticated attacker to take full control of the device and/or modify internal OS settings, read arbitrary files or even render the device unusable. Many versions are affected.

tags | exploit, web, arbitrary
MD5 | 4a92f4d86bb220e897be6dc5df1fa026
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have an undocumented and hidden feature that allows an authenticated attacker to list running processes in the operating system and send arbitrary signals to kill any process running in the background including starting and stopping system services. This impacts availability and can be triggered also by CSRF attacks that requires device restart and/or factory reset to rollback malicious changes. Many versions are affected.

tags | exploit, arbitrary
MD5 | c7e76548cf7a9abfd546cfa5d7af587e
VelotiSmart WiFi B-380 Camera Directory Traversal
Posted Jul 16, 2018
Authored by Miguel Mendez Z

VelotiSmart WiFi B-380 Camera suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2018-14064
MD5 | 8751fc8d501690682d891ec46e468a3f
Microsoft Security Bulletin Advisory Notification For July, 2018
Posted Jul 16, 2018
Site microsoft.com

This Microsoft advisory notification includes advisories released or updated on July 16, 2018.

tags | advisory
MD5 | c12419004addc1173cd995f18633ce1f
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from multiple authenticated arbitrary remote code execution vulnerabilities with highest privileges. This is due to multiple hidden and undocumented features within the admin interface that allows an attacker to create crontab jobs and/or modify the system startup script that allows execution of arbitrary code as root user. Many versions are affected.

tags | exploit, remote, arbitrary, root, vulnerability, code execution
MD5 | 21e4fe6dfbdca8fc7b0eeebde7b04dd1
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Default Credentials
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems utilize hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the gateway. Another vulnerability could allow an authenticated attacker to gain root access. The vulnerability is due to default credentials. An attacker could exploit this vulnerability by logging in using the default credentials. Many versions are affected.

tags | exploit, root
systems | linux
MD5 | 4e3004d8f3c50bedebecb9cbb12651ff
Microsoft Security Bulletin CVE Revision Increment For July, 2018
Posted Jul 16, 2018
Site microsoft.com

This Microsoft bulletin summary holds a CVE update for CVE-2018-8319.

tags | advisory
advisories | CVE-2018-8319
MD5 | dd6dfc916a7525371d569386396a1e95
Microsoft Windows Enterprise Mode Site List 1/2 XML Injection
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.

tags | exploit
systems | windows
MD5 | adb95485a2175dc841aa24d2a530ed72
Microsoft Windows .library-ms Information Disclosure
Posted Jul 16, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as *.library-ms files. The .library-ms filetype triggers forced authentication when a user/client accesses a remote share that houses an attacker supplied ".library-ms" file, disclosing credential hashes and other identifiable computer informations.

tags | exploit, remote, local
systems | windows
MD5 | 3efbbbe3394fffedf1bbcf55f304effb
Debian Security Advisory 4246-1
Posted Jul 16, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4246-1 - Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered that mailman, a web-based mailing list manager, is prone to a cross-site scripting flaw allowing a malicious listowner to inject scripts into the listinfo page, due to not validated input in the host_name field.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2018-0618
MD5 | 5da3a31476892b5c1ed2b5e50d884a97
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway CSRF
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems allow users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Many versions are affected.

tags | exploit, web
MD5 | 1c9d0c91aa832d5b885abfebe7855448
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway XSS
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems are prone to multiple reflected and stored cross-site scripting vulnerabilities due to a failure to properly sanitize user-supplied input to several parameters that are handled by various servlets. Attackers can exploit this issue to execute arbitrary HTML and script code in a user's browser session. Many versions are affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 4335daff61aee85b79cf9f7773893b4c
Ubuntu Security Notice USN-3717-1
Posted Jul 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3717-1 - Tavis Ormandy discovered that PolicyKit incorrectly handled certain invalid object paths. A local attacker could possibly use this issue to cause PolicyKit to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that PolicyKit incorrectly handled certain duplicate action IDs. A local attacker could use this issue to cause PolicyKit to crash, resulting in a denial of service, or possibly escalate privileges. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2015-3218, CVE-2015-3255, CVE-2015-4625, CVE-2018-1116
MD5 | bb26c8309333e7b82004f400f1d0c1c2
WordPress Job Manager 4.1.0 Cross Site Scripting
Posted Jul 16, 2018
Authored by Berk Dusunur, Selimcan Ozdemir

WordPress Job Manager plugin version 4.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 713677340126e577af82e0180131ad8f
TP-Link Archer C60 1.0 Code Execution
Posted Jul 16, 2018
Authored by Ismail Tasdelen

TP-Link Archer C60 version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 70a78e642a576269982f98b767e631b6
Linux/ARM Bindshell (tcp/1234) Shellcode
Posted Jul 16, 2018
Authored by odzhancode

104 bytes small Linux/ARM bindshell shellcode that binds to tcp/1234.

tags | tcp, shellcode
systems | linux
MD5 | fb5373c92e81a9b35016a05a78e0c5b8
Linux x86_64 IPv6 Reverse Shell With Password Shellcode
Posted Jul 16, 2018
Authored by Hashim Jawad

Linux/x86_64 reverse shell (IPv6) shellcode with password.

tags | shell, shellcode
systems | linux
MD5 | dbd483d4db3276e5d473382e1fdcfc3a
Page 1 of 1
Back1Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    23 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    33 Files
  • 16
    Jan 16th
    23 Files
  • 17
    Jan 17th
    29 Files
  • 18
    Jan 18th
    15 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close