exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 1,927 RSS Feed

Operating System: Cisco

Cisco WLC 2504 8.9 Denial Of Service
Posted Dec 4, 2019
Authored by SecuNinja

Cisco WLC 2504 version 8.9 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
advisories | CVE-2019-15276
SHA-256 | 692da50c6c7b702b96f528fe1dd64418fb776f151a11cb9154373c976bd4af4b
Debian Security Advisory 4535-1
Posted Sep 29, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4535-1 - Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | cisco, linux, debian
advisories | CVE-2019-5094
SHA-256 | 1f480636110a11b39ec419c46b823b4198eccd80b372df970a9544c259f933d5
Generic Zip Slip Traversal
Posted Sep 12, 2019
Authored by sinn3r, Snyk | Site metasploit.com

This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive extraction libraries have no mitigations against directory traversal attacks. If an application uses it, there is a risk when opening an archive that is maliciously modified, and results in the embedded payload to be written to an arbitrary location (such as a web root), and results in remote code execution.

tags | exploit, remote, web, arbitrary, root, code execution
systems | cisco
SHA-256 | 8f0ccbdfa41b81ddec1fba4936ed5ca28502dd6600b5ac754d4fe23b7ec5988d
Cisco Content Security Virtual Appliance M380 IronPort Remote Cross Site Host Modification
Posted Sep 9, 2019
Authored by Todor Donev

Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 73c9d99009b7401255bba6a1f56507939d40908be4130273b2c562c5a4a3adb6
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Posted Sep 4, 2019
Authored by T. Weber | Site sec-consult.com

Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2014-4043, CVE-2014-9402, CVE-2014-9761, CVE-2014-9984, CVE-2015-1472, CVE-2015-5277, CVE-2015-7547, CVE-2015-8778, CVE-2015-8779, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-1000366, CVE-2017-16544, CVE-2018-20679, CVE-2019-5747
SHA-256 | 3726cd3c69f647990c48b627f7552d3a2fdba185bb79ef1247f427b865bde817
Cisco Email Security Virtual Appliance C380 IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 22df195418f74a56634bd310b7da36a4fdf581a8903f80d6ae395c7c7f946d92
Cisco Email Security Virtual Appliance C300V IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | b2a95ef79610176da5267a46a9488b05662546d359c6b416942f91ac57d5e952
Cisco Content Security Management Virtual Appliance M600V IronPort Header Injection
Posted Sep 4, 2019
Authored by Todor Donev

Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | c7a0b8d068fd7c8df937ba5cf737eafcd11bc58ff8f2299b7f69502289c92892
Cisco IronPort C350 Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco IronPort C350 remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 46aa6ec3a6ceb2fb7831a82b780d522b93acdd23c01e01fdc83b7da4ec5aefa9
Cisco Email Security Virtual Appliance C370 IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C370 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 36b762978c34e1f16ed9d93334f8184be045b42ea6fd1fe3f627d000b31db178
Cisco Email Security Virtual Appliance C600V IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C600V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 655be479e29923ba9adf959f5e03b50adb87fb428255023f173d521b5c61eff2
Cisco C690 Email Security Appliance 11.0.2-044 IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco C690 Email Security Appliance version 11.0.2-044 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 6af5adca7d10cef4776a34b1429f256e611964bb3d4f4a3810ee8088b9807707
Cisco Email Security Virtual Appliance C100V IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco Email Security Virtual Appliance C100V IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 12bb004fdfdf55d718012ab35bbdf7095552636428ef9dab518a924742d5263b
Cisco C170 Email Security Appliance 10.0.3-003 IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco C170 Email Security Appliance version 10.0.3-003 IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 633ae417bb1a1f1ecee9515bd39772702da57955e5320f29a683d8a630063e9e
Cisco M1070 Content Security Management Appliance IronPort Header Injection
Posted Sep 3, 2019
Authored by Todor Donev

Cisco M1070 Content Security Management Appliance IronPort remote host header injection exploit.

tags | exploit, remote
systems | cisco
SHA-256 | 5ba21eee4ea148a7f9115d1e1857e91697c72fa25d23cbcf551f8549a4fbe6d0
Cisco UCS Director Unauthenticated Remote Code Execution
Posted Sep 2, 2019
Authored by Pedro Ribeiro | Site metasploit.com

The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one, CVE-2019-1936, is a command injection in a password change form, that allows the attacker to inject commands that will execute as root. This module combines both vulnerabilities to achieve the unauthenticated command injection as root. It has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.

tags | exploit, remote, root, vulnerability, code execution
systems | cisco
advisories | CVE-2019-1936, CVE-2019-1937
SHA-256 | 88e2661eac6ae7e8e4a10814c6417ce137ece9446d83413cd0c6813936fdb7e1
Cisco UCS Director Default scpuser Password
Posted Sep 2, 2019
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module abuses a known default password on Cisco UCS Director. The 'scpuser' has the password of 'scpuser', and allows an attacker to login to the virtual appliance via SSH. This module has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2019-1935
SHA-256 | 94bda7121e042ee09228bf74bbf6f0d5581de7fd36faaa0ab4e892b49f16f89e
Cisco RV110W / RV130(W) / RV215W Remote Command Execution
Posted Sep 2, 2019
Authored by Quentin Kaiser, Yu Zhang, T. Shiomitsu, Haoliang Lu | Site metasploit.com

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected. Note: successful exploitation may not result in a session, and as such, on_new_session will never repair the HTTP server, leading to a denial-of-service condition.

tags | exploit, remote, web, arbitrary
systems | cisco
advisories | CVE-2019-1663
SHA-256 | 2c771b51eb75ada179bdbfecb74aebaee8b16721ebc04a5e5d918a82a211ed0a
Cisco IronPort C150 Header Injection
Posted Sep 2, 2019
Authored by Todor Donev

Cisco IronPort C150 suffers from a remote host header injection vulnerability.

tags | exploit, remote
systems | cisco
SHA-256 | ce45780afb7f4d877adb44119292a4a17c67e3b1648fbbc8fcca7490240237a5
Cisco (Titsco) Email Security Appliance (IronPort) C160 Header Injection
Posted Aug 31, 2019
Authored by Todor Donev

Cisco (Titsco) Email Security Appliance (IronPort) C160 suffers from a host header injection vulnerability.

tags | exploit
systems | cisco
SHA-256 | c39dc4b54f558e9618390cbfce70fd7a8832ce9236eb26d340893aaede098891
Cisco UCS / IMC Supervisor Authentication Bypass / Command Injection
Posted Aug 28, 2019
Authored by Pedro Ribeiro

Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data suffer from default password, authentication bypass, and command injection vulnerabilities.

tags | exploit, vulnerability, bypass
systems | cisco
advisories | CVE-2019-1935, CVE-2019-1936, CVE-2019-1937
SHA-256 | 38e7a01258bfec09b0882ac7dbf7cd123357ef8737f810d17b3e0ebf1d0c844e
Cisco Adaptive Security Appliance Path Traversal
Posted Aug 12, 2019
Authored by Angelo Ruwantha, Yassine Aboukir | Site metasploit.com

This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2018-0296
SHA-256 | ccf085e5a044cb918fae95c5556ebbf021851f7abfb9c7fab3ef667e68647642
Cisco Catalyst 3850 Series Device Manager 3.6.10E Cross Site Request Forgery
Posted Aug 1, 2019
Authored by Alperen Soydan

Cisco Catalyst 3850 Series Device Manager version 3.6.10E suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
systems | cisco
SHA-256 | a079ae01655e5720718186f31d323af608aeaa58c70c805477a493c24496d12a
Cisco Wireless Controller 3.6.10E Cross Site Request Forgery
Posted Jul 23, 2019
Authored by Mehmet Onder Key

Cisco Wireless Controller version 3.6.10E suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
systems | cisco
SHA-256 | 9d87c7999f6ffa9dd2fabd3fb997b5926a5fe0f4da7a6b3bc135f20fbdbf7946
Cisco Small Business Switch Information Leakage / Open Redirect
Posted Jul 15, 2019
Authored by Ramikan

Cisco Small Business switches versions 200, 300, and 500 suffer from information leakage and open redirection vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | cisco
advisories | CVE-2019-1943
SHA-256 | 2bb0ac94980c464d3bdf481b45f48e9917e275cf0b9cfd65dffcfed0b11c7913
Page 3 of 78
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close