what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files

Zyxel P-660HW-T1 Cross Site Request Forgery
Posted May 27, 2014
Authored by Mustafa ALTINKAYNAK

Zyxel P-660HW-T1 version 3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | fd9b20b0d05fd77557aae1de1ada5ed4176bd0b607d5532fa11878fa9e8108c1

Related Files

Zyxel USG FLEX 5.21 Command Injection
Posted Jun 3, 2022
Authored by Valentin Lobstein

Zyxel USG FLEX version 5.21 suffers from a command injection vulnerability.

tags | exploit
advisories | CVE-2022-30525
SHA-256 | d241a3c90061a120559caf280f0fe2fd049d9b836481bf51a1841e3861dfdf0a
Zyxel Firewall ZTP Unauthenticated Command Injection
Posted May 16, 2022
Authored by jbaines-r7 | Site metasploit.com

This Metasploit module exploits CVE-2022-30525, an unauthenticated remote command injection vulnerability affecting Zyxel firewalls with zero touch provisioning (ZTP) support. By sending a malicious setWanPortSt command containing an mtu field with a crafted OS command to the /ztp/cgi-bin/handler page, an attacker can gain remote command execution as the nobody user. Affected Zyxel models are USG FLEX 50, 50W, 100W, 200, 500, 700 using firmware 5.21 and below, USG20-VPN and USG20W-VPN using firmware 5.21 and below, and ATP 100, 200, 500, 700, 800 using firmware 5.21 and below.

tags | exploit, remote, cgi
advisories | CVE-2022-30525
SHA-256 | ab9073cd14f8ea730621aa93b69a0d03cb5f9d8e92dbc88068fca19ff77f6fab
Zyxel NWA-1100-NH Command Injection
Posted Apr 18, 2022
Authored by Ahmed Alroky

Zyxel NWA-1100-NH suffers from a command injection vulnerability.

tags | exploit
advisories | CVE-2021-4039
SHA-256 | 943964952c62a12e083fcd69e03d964227292ee15a686547d9ee1c73c6655290
Zyxel Armor X1 WAP6806 Directory Traversal
Posted Jul 15, 2020
Authored by Rajivarnan R

Zyxel Armor X1 WAP6806 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-14461
SHA-256 | f1e1d0fd46f9df6b57371ee28f0b276b858aa8e66240731911e05e1c29808ae4
Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution
Posted Mar 15, 2020
Authored by Pierre Kim

Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
SHA-256 | 3c3f163d0c264f8928d2c11d08aaa6f6a1b4fbcda9b03fe3db342d382fa8d619
ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
Posted May 31, 2019
Authored by Onur Onur

The ZyXEL P-660HN-T1 V2 rpWLANRedirect.asp page is missing authentication and discloses an administrator password.

tags | exploit, asp, bypass
advisories | CVE-2019-6725
SHA-256 | cd8bb7af8822a1c75ff1134d8c9adce8d94144c9aa905f9b2571d26b3cd740ee
Zyxel ZyWall Cross Site Scripting
Posted Apr 16, 2019
Authored by Aaron Bishop

ZyWall 310, ZyWall 110, USG1900, ATP500, and USG40 devices suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9955
SHA-256 | 81540b3aa097eb20c487c7beb07f37000e14749f428121afdc08a3ecc9515357
Zyxel VMG3312-B10B DSL-491HNU-B1 V2 Cross Site Request Forgery
Posted Feb 6, 2019
Authored by Yusuf Furkan

Zyxel VMG3312-B10B DSL-491HNU-B1 V2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-7391
SHA-256 | 7e3f03a26f7f5517b57b3f61a2a52176b323d51206b8e0458c08ca72520f6a92
Zyxel NBG-418N V2 Cross Site Request Forgery
Posted Jan 24, 2019
Authored by Ali Can Gonullu

Zyxel NBG-418N V2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-6710
SHA-256 | 273ea7ce7048197b7fbc31dcebdd94bb1be4a46fc0191bdaefa68ce14fdfd2fa
Zyxel VMG1312-B10D 5.13AAXA.8 Directory Traversal
Posted Nov 26, 2018
Authored by numan turle

Zyxel VMG1312-B10D 5.13AAXA.8 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 60c8e9a5e09699dcc7795a645cfb7557da62d34304af0a5f585f8638ad3a1365
ZyXEL VMG3312-B10B Credential Disclosure
Posted Oct 30, 2018
Authored by numan turle

ZyXEL VMG3312-B10B versions prior to 1.00 (AAPP.7) suffer from a credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 043dd9f6802d82984a7afef78cd5da2562fb13860ca43e1bd31ad2d12e9cdc30
ZyXEL VMG3312-B10B Cross Site Scripting
Posted Aug 22, 2018
Authored by Samet Sahin

ZyXEL VMG3312-B10B suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 82bc1e403793fa177d976c394c521b84fa9eafb0a9d73bdd2b65c38d09168fb6
ZyXEL P-660HW UDP Denial Of Service
Posted Jan 12, 2018
Authored by Hosein Askari

ZyXEL P-660HW suffers from a UDP fragmentation denial of service vulnerability.

tags | exploit, denial of service, udp
advisories | CVE-2018-5330
SHA-256 | 3e6afd92f56224f00f5636f2eafc877e4a6d54d52ead421fcfe460c731f69208
ZyXEL P-660HW TTL Expiry Denial Of Service
Posted Dec 26, 2017
Authored by Hosein Askari

ZyXEL P-660HW version 3 suffers from a TTL expiry denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-17901
SHA-256 | 5082d6d01d06a707019720b4359b6b47db0f95f8e2391ebd61562b8d08ab8756
ZyXEL PK5001Z Modem Backdoor Account
Posted Nov 2, 2017
Authored by Matthew Sheimo

The ZyXEL PK5001Z modem has a hardcoded backdoor admin account that allows escalation to root.

tags | exploit, root
advisories | CVE-2016-10401
SHA-256 | ae06b605e42c5422c5b0475605eaacc869041e877d92ebe35503b4e9d2ccc096
Zyxel P-2812HNU-F1 DSL Router Command Injection
Posted Sep 29, 2017
Authored by Willem de Groot

The Zyxel P-2812HNU-F1 DSL router suffers from a remote command injection vulnerability. Firmware versions V3.11TUE3 (KPN) and V3.11TUE8 (KPN) are affected.

tags | exploit, remote
SHA-256 | 66372d846f543901562ef728ccfb30a15e208e8dff6f028467937af652912375
Zyxel / EMG2926 Command Injection
Posted Apr 2, 2017
Authored by Trevor Hough

Zyxel / EMG2926 versions prior to 1.00(AAQT.4)b8 suffers from an OS command injection vulnerability.

tags | exploit
advisories | CVE-2017-6884
SHA-256 | d2fe28ccfad0ff3449ac16a08f737147127ce359adeb79b057c6ca7dba400d21
TrueOnline ZyXEL / Billion Command Injection / Default Credentials
Posted Jan 17, 2017
Authored by Pedro Ribeiro

TrueOnline is a Thai ISP that distributes customized versions of ZyXEL and Billion routers - customized with vulnerabilities that is. The routers contain several default administrative accounts and command injections that can be abused by authenticated and unauthenticated attackers.

tags | exploit, vulnerability
SHA-256 | 10903d4befe721f251a632833452082ea225e42bdd36042d0be7edf4cbdab914
Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password
Posted Mar 23, 2016
Authored by Gianni Carabelli

Plain text hardcoded passwords have been discovered in /bin/busybox and /bin/dropbear for Zyxel MAX3XX series Wimax CPEs.

tags | exploit
SHA-256 | 1bc5c071cbf8b319d60aa2b1977e287555fe15a20c2bad788a3e9e49ae3bc5e6
ZyXel WAP3205 Cross Site Scripting
Posted Jan 24, 2016
Authored by Nicholas Lehman

ZyXel WAP3205 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8b34626bd7866d7c73e807f070af5d155661fde5147b19897b10deaca0d55f01
ZyXEL PMG5318-B20A OS Command Injection
Posted Oct 14, 2015
Authored by Karn Ganeshen

ZyXEL PMG5318-B20A suffers from a command injection vulnerability via the ping function.

tags | exploit
advisories | CVE-2015-6018
SHA-256 | 94cea261bcbad285c0fb3b4900f3ab8150b00219d6b41f9594444e04f13fdfd8
ZYXEL P-660HN-T1H_IPv6 Denial Of Service
Posted Apr 23, 2015
Authored by Koorosh Ghorbani

ZYXEL P-660HN-T1H_IPv6 remote configuration editor / web service denial of service exploit.

tags | exploit, remote, web, denial of service
SHA-256 | 8813feb1830fa068aa80eccbe2bace47ee9518e75012d7355ca4cf61c035dbf0
ZyXEL SBG-3300 Security Gateway Cross Site Scripting
Posted Oct 3, 2014
Authored by Mirko Casadei

ZyXEL SBG-3300 Security Gateway suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-7277
SHA-256 | 5eaf4ac207e940c02019db54b7a27f528fb6f3c2afece5bd3746b21b6583c0d4
ZyXEL SBG-3300 Security Gateway Denial Of Service
Posted Oct 3, 2014
Authored by Mirko Casadei

ZyXEL SBG-3300 Security Gateway suffers from a malicious javascript denial of service vulnerability.

tags | exploit, denial of service, javascript
advisories | CVE-2014-7278
SHA-256 | 596f2b9195c266beca8ddebbb6e27ec2938aa82039cd2751ebd8e57bec2a6d6d
ZyXEL Prestig P-660HNU-T1v2 Credential Disclosure
Posted Sep 25, 2014
Authored by Sebastian Magof

ZyXEL Prestig P-660HNU-T1v2 suffers from a remote credential disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | a11b0844b499c1a56ff865d40ff31c2d6190bd5310c1872b46386cd82ef5acd9
Page 1 of 2
Back12Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close