exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2019-04-26

Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd

An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a arbitrary setting writes, resulting in the unverified changes to any system setting. An attacker can make an authenticated HTTP request, or run the binary as any user, to trigger this vulnerability.

tags | exploit, web, arbitrary, cgi
SHA-256 | b6b5e7d97f80e9991783d37c820d5a565fa0b7b7199695cec240963831c1d23c
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure
Posted Apr 26, 2019
Authored by Cisco Talos, Jared Rittle, Carl Hurd | Site talosintelligence.com

An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information, including, but not limited to, plaintext passwords and SNMP community strings. An attacker can make an authenticated HTTP request, or run the binary, to trigger this vulnerability.

tags | exploit, web, cgi, info disclosure
advisories | CVE-2018-4070, CVE-2018-4071
SHA-256 | f3e9e439a12b70a96bfeb02d461beccb29bf0fda4eae49519ccb97a1479c0998
Sierra Wireless AirLink ES450 ACEManager Information Disclosure
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd | Site talosintelligence.com

An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A HTTP request can result in disclosure of the default configuration for the device. An attacker can send an unauthenticated HTTP request to trigger this vulnerability.

tags | exploit, web, info disclosure
advisories | CVE-2018-4068
SHA-256 | b6ca60016ded995d485b909bbcdce5ced8b2dd7b352b4901d928b5e885d79c1b
Sierra Wireless AirLink ES450 ACEManager Cross Site Request Forgery
Posted Apr 26, 2019
Authored by Cisco Talos, Jared Rittle, Carl Hurd | Site talosintelligence.com

An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an authenticated user to perform privileged requests unknowingly, resulting in unauthenticated requests being requested through an authenticated user. An attacker can get an authenticated user to request authenticated pages on the attacker's behalf to trigger this vulnerability.

tags | exploit, web, csrf
advisories | CVE-2018-4066
SHA-256 | 7446e3c936f9c136b678adfb1f9ae27d1dee0b2057e87e5de249142841de43f3
Sierra Wireless AirLink ES450 SNMPD Hard-Coded Credentials
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd | Site talosintelligence.com

A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in a hard-coded, in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability.

tags | exploit
advisories | CVE-2018-4062
SHA-256 | 5464014b705bff7982ea1c8756b42d94e9b409b6553334a62b4218d81a0b8357
Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd

An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.

tags | exploit, remote, web, cgi, code execution
advisories | CVE-2018-4063
SHA-256 | 94904005a117eb6fda194315d152fd94ea44aa87006ebcb29834bdb9395935ce
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross Site Scripting
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd | Site talosintelligence.com

An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim's browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability.

tags | exploit, web, cgi, javascript, code execution, xss
advisories | CVE-2018-4065
SHA-256 | 843062931f3d85ff42aac061fbc4007b19a65b2deb3e53ce1c161532a0586172
Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change
Posted Apr 26, 2019
Authored by Cisco Talos, Carl Hurd | Site talosintelligence.com

An exploitable unverified password change vulnerability exists in the ACEManager upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a unverified device configuration change, resulting in an unverified change of the user password on the device. An attacker can make an authenticated HTTP request to trigger this vulnerability.

tags | exploit, web, cgi
advisories | CVE-2018-4064
SHA-256 | 03dc48edf642f79b31afeae22c3d7656aa0c1b7af7fa4437850772c1cd927437
Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection
Posted Apr 26, 2019
Authored by Cisco Talos, Jared Rittle, Carl Hurd | Site talosintelligence.com

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability.

tags | exploit, web, arbitrary, cgi
advisories | CVE-2018-4061
SHA-256 | af5b23fa20f418a3ae4846c607a1b417e1e10c46d2de2f3be018020bcadeb4d2
Pycat Simple Windows Reverse TCP backdoor
Posted Apr 26, 2019
Authored by Daniel Moreno

Pycat is a simple Windows reverse TCP backdoor akin to a netcat TCP reverse connection clone. Written in Python.

tags | tcp, python
systems | windows
SHA-256 | 87c525e44512dcd47cc0d652b9ad377f81a2997c6ac650b9f0346ac0b7e1c508
Apache Pluto 3.0.0 / 3.0.1 Cross Site Scripting
Posted Apr 26, 2019
Authored by Dhiraj Mishra

Apache Pluto versions 3.0.0 and 3.0.1 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-0186
SHA-256 | bc0a3e0163f2496ba695cd031c4936411fb61ecb6d3dd26b359fcdc291d07788
GAT-Ship Web Module Unrestricted File Upload
Posted Apr 26, 2019
Authored by Gionathan Reale

GAT-Ship Web Module versions prior to 1.40 suffer from an unrestricted file upload vulnerability.

tags | advisory, web, file upload
advisories | CVE-2019-11028
SHA-256 | 29b659482027b40950b1a55c4531b6749375a0bdfd8e2c1ecbc694deaca21696
NSauditor 3.1.2.0 Name Denial Of Service
Posted Apr 26, 2019
Authored by Victor Mondragon

NSauditor version 3.1.2.0 Name denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | b45728985b980ab332a9c0066bf7ba8f9e7789f8d7efa96c6d4d13b4c4ca0152
NSauditor 3.1.2.0 Community Denial Of Service
Posted Apr 26, 2019
Authored by Victor Mondragon

NSauditor version 3.1.2.0 Community denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 4a1ef16e2621b86e79559a9f688df31ba3a101c21e9fc34cd25db04ca9b4052a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close