what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Cisco RV320 Unauthenticated Diagnostic Data Retrieval
Posted Mar 27, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the Cisco RV320 router still exposes sensitive diagnostic data without authentication via the device's web interface due to an inadequate fix by the vendor.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | 2b7e66ad19b6068e6af38b37416a2c3c4c1dbb9a1a959f50323d828c81b0520e

Related Files

STARFACE 7.3.0.10 Broken Authentication
Posted Jun 1, 2023
Site redteam-pentesting.de

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become best practice to protect users' passwords in case of a database compromise, this is rendered ineffective when allowing to authenticate using the password hash. Versions 7.3.0.10 and below are affected.

tags | exploit, web
advisories | CVE-2023-33243
SHA-256 | bf316bc05bcb273edd4ab75c498cf1dd7821da0c8c8f6d0a7544d4d163c7226f
Secure Web Gateway 10.2.11 Cross Site Scripting
Posted Jan 26, 2023
Site redteam-pentesting.de

Secure Web Gateway version 10.2.11 suffers from a cross site scripting vulnerability. RedTeam Pentesting identified a vulnerability which allows attackers to craft URLs to any third-party website that result in arbitrary content to be injected into the response when accessed through the Secure Web Gateway. While it is possible to inject arbitrary content types, the primary risk arises from JavaScript code allowing for cross site scripting.

tags | exploit, web, arbitrary, javascript, xss
advisories | CVE-2023-0214
SHA-256 | f0bbf9c04ccb2873653f86035ec08f7b9388e540d28d2f705eaf53a75692bfea
Auerswald COMpact 8.0B Backdoors
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Versions 8.0B and below are affected.

tags | exploit, web
advisories | CVE-2021-40859
SHA-256 | dd5ca7ea4caa5162c8b67967d3278af0abfd50ff21e9371c5bd80f2300d42ed3
Auerswald COMpact 8.0B Arbitrary File Disclosure
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Versions 8.0B and below are affected.

tags | exploit, web
advisories | CVE-2021-40858
SHA-256 | d996a18ccf6aeaf710400d44518247e46de43b267d135f9213bec807dc59597d
Auerswald COMpact 8.0B Privilege Escalation
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected versions include 8.0B and below.

tags | exploit, web
advisories | CVE-2021-40857
SHA-256 | dac326b33fff7e529507312696bf7c1980ce40578237f9caf02f0b838930f9b6
Auerswald COMfortel 1400/2600/3600 IP 2.8F Authentication Bypass
Posted Dec 6, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in the web-based management interface without authentication. Versions 2.8F and below are affected.

tags | exploit, web
advisories | CVE-2021-40856
SHA-256 | a81f22dfd946e817d23fb35f271231f89fc1fa3368c9f66e528ef931719ac208
MobileTogether Server 7.3 XML Injection
Posted Aug 10, 2021
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the MobileTogether server which allows users with access to at least one application to read arbitrary, non-binary files from the file system and perform server-side requests. The vulnerability can also be used to deny availability of the system. As an example, this advisory shows the compromise of the server's certificate and private key. Versions 7.0 through 7.3 are affected.

tags | exploit, arbitrary
advisories | CVE-2021-37425
SHA-256 | 81610560b7e43edd2d6f53ac111733795bf655597364a89aa396c6ecce9cab50
BigBlueButton 2.2.25 File Disclosure / Server-Side Request Forgery
Posted Oct 21, 2020
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system version 2.2.25 that allows participants of a conference with permissions to upload presentations to read arbitrary files from the file system and perform server-side requests. This leads to administrative access to the BigBlueButton instance.

tags | exploit, web, arbitrary
advisories | CVE-2020-25820
SHA-256 | 41eaaa438c053a1afcdc56d2cd1717b2db4bf402566f20e2d848123cbaf0cbf1
D-Link DSR-250N Denial Of Service
Posted Oct 8, 2020
Site redteam-pentesting.de

RedTeam Pentesting discovered a denial of service vulnerability in the D-Link DSR-250N device which allows unauthenticated attackers in the same local network to execute a CGI script that reboots the device. Version 3.12 is confirmed affected.

tags | exploit, denial of service, local, cgi
advisories | CVE-2020-26567
SHA-256 | 9c93e843468650bf0270222facd25a1ee3a9a2887cda11b88288285ab0184247
Cisco RV320 Command Injection
Posted Mar 27, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router which was inadequately patched by the vendor.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1652
SHA-256 | fa1fddffe139a0d576a787664aa6b3b1d1207ed373110904ad3b88fa8d1e4370
Cisco RV320 Unauthenticated Configuration Export
Posted Mar 27, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | aa2ffadd37f8b53f7521b5331aff0f56f21b08999e7e3839a9709f9b42d32d19
Advanced Bash-Scripting Guide Code Execution
Posted Mar 26, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the shell function "getopt_simple", as presented in the "Advanced Bash-Scripting Guide", allows execution of attacker-controlled commands.

tags | exploit, shell, bash
advisories | CVE-2019-9891
SHA-256 | 774ed521003d36a5ec3bd1c92f36d2980cef1f0a9edd2618ea47b78c70be3822
Cisco RV320 Command Injection
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Versions 1.4.2.15 through 1.4.2.19 are affected. Fixed in version 1.4.2.20.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1652
SHA-256 | 0ef1e407d0628e9e533465222b68937646fa1649db7cb36d50953a7f19722bfc
Cisco RV320 Unauthenticated Diagnostic Data Retrieval
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device's web interface. Versions affected include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | fdf7195ccf0d6541be985c8d496c6247eb5c5e6f97854845e3c59933dda9393d
Cisco RV320 Unauthenticated Configuration Export
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
SHA-256 | 942511fa9b0bd63bd49cf08b8956b08f9864c3d173a12a505da9fb6a9e650162
Tuleap Open Redirect
Posted Mar 8, 2018
Site redteam-pentesting.de

RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap. Versions prior to 9.17.99.93 are affected.

tags | exploit, arbitrary
SHA-256 | 4ee245fc410a2b477c410f689faaa169f5218c550f09341b6b468f1cddf894a7
Shibboleth 2 XML Injection
Posted Jan 15, 2018
Site redteam-pentesting.de

RedTeam Pentesting discovered that the shibd service of Shibboleth 2 does not extract SAML attribute values in a robust manner. By inserting XML entities into a SAML response, attackers may truncate attribute values without breaking the document's signature. This might lead to a complete bypass of authorisation mechanisms. Versions prior to 2.6.1 are affected.

tags | exploit
advisories | CVE-2018-0486
SHA-256 | 3161025b44bdf506c94fc43a995ecee6fe36a5a17cca6bee9d2de7e64bc0814f
WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed. Version 2.0.15.109 is affected.

tags | exploit
SHA-256 | 09c0e3cd68348e506a9714a171060413afaa79dbee57b201c4d67e7fd6a31b1c
WebClientPrint Processor 2.0.15.109 Updates Remote Code Execution
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites and are processed without any user interaction as soon as the website is accessed. However, the browser must run with administrative privileges. Version 2.0.15.109 is affected.

tags | exploit, remote, code execution
SHA-256 | 16d24709c0cb5cba7e8f5f98b3f1f03545ac4ec24730922aafb7e643bd7c27d7
WebClientPrint Processor 2.0.15.109 TLS Validation
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in a disclosure of sensitive information and the integrity of printed documents cannot be guaranteed. Version 2.0.15.109 is affected.

tags | exploit, web
SHA-256 | d5d5ce3f3fb5bf4d769947dc95fa513fec9e066196c762f799c032bd2ce628d1
REDDOXX Appliance Remote Command Execution
Posted Jul 25, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered a remote command execution vulnerability in the REDDOXX appliance software, which allows attackers to execute arbitrary command with root privileges while unauthenticated. Affected versions include build 2032 and 2.0.625.

tags | exploit, remote, arbitrary, root
SHA-256 | becde93c067e78ba68597a35f6d477408561832538f83bbfc9c5867a28459d85
REDDOXX Appliance Unauthenticated Access
Posted Jul 25, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered a vulnerability which allows attackers unauthenticated access to the diagnostic functions of the administrative interface of the REDDOXX appliance. The functions allow, for example, to capture network traffic on the appliance's interfaces. Affected versions include build 2032 and 2.0.625.

tags | exploit
SHA-256 | acd4c88b4e6b269475472b9ac9f07228d4f40087768925bc7eb00ecfecd3522c
REDDOXX Appliance Undocumented Administrative Service Account
Posted Jul 25, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered an undocumented service account in the REDDOXX appliance software, which allows attackers to access the administrative interface of the appliance and change its configuration. Affected versions include build 2032 and 2.0.625.

tags | exploit
SHA-256 | 566d35f51e7eacf080b67dde2ac3e518fc64eab804ca996a361d492a9d1e33b8
REDDOXX Appliance Arbitrary File Disclosure
Posted Jul 24, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered an arbitrary file disclosure vulnerability in the REDDOXX appliance software, which allows unauthenticated attackers to download arbitrary files from the affected system. Affected versions include build 2032 and 2.0.625.

tags | exploit, arbitrary
SHA-256 | 73f166953c9826d6cb5ced2e73d23f83f1666942751bbe3a859d6bd211d10a9a
REDDOXX Appliance Cross Site Scripting
Posted Jul 24, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered a cross site scripting (XSS) vulnerability in the REDDOXX appliance software, which allows attackers to inject arbitrary JavaScript code via a crafted URL. Affected versions include build 2032 and 2.0.625.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 24d8f1cffd703098f7bc99803e67978d1404d5582276c79f31555172622b593b
Page 1 of 4
Back1234Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close