what you don't know can hurt you
Showing 1 - 25 of 45 RSS Feed

Files

Asus Precision TouchPad 11.0.0.25 Denial Of Service / Privilege Escalation
Posted Aug 30, 2019
Authored by Athanasios Tserpelis

Asus Precision TouchPad version 11.0.0.25 suffers from denial of service and privilege escalation via pool overflow vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
advisories | CVE-2019-10709
MD5 | 7c6e0afea20f92a97d7e821769e9a53e

Related Files

ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution
Posted Oct 14, 2019
Authored by Matheus Vrech

ASUS RT-N10+ with firmware version 2.0.3.4 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist with achieving command execution.

tags | exploit, vulnerability, xss, csrf
MD5 | 413b65790cd54119cea3da7c110a4c83
ASUS HG100 Denial Of Service
Posted Apr 17, 2019
Authored by Yint Wang

ASUS HG100 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-11492
MD5 | ea2e4abda8fc79168565125e50e6b8df
ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection
Posted Aug 14, 2018
Authored by Kyle Lovett

ASUSTOR NAS ADM version 3.1.0 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2018-11509, CVE-2018-11510, CVE-2018-11511
MD5 | 2cbb9fa8f1740ec14856c26142f6ffd4
ASUS DSL-N12E_C1 1.1.2.3_345 Remote Command Execution
Posted Aug 2, 2018
Authored by Fakhri Zulkifli

ASUS DSL-N12E_C1 version 1.1.2.3_345 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 68858eb68a135237de86d8478315d5e4
AsusWRT RT-AC750GF Cross Site Request Forgery
Posted Jun 25, 2018
Authored by Wadeek

AsusWRT RT-AC750GF suffers from a cross site request forgery vulnerability in the change admin password flow.

tags | exploit, csrf
MD5 | 810fac6d0bec022e04d317564bc41737
Dell Touchpad ApMsgFwd.exe Denial Of Service
Posted May 11, 2018
Authored by Souhail Hammou

Dell Touchpad ApMsgFwd.exe suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2018-10828
MD5 | 45d63e35402ea4ab4377b717de0e2b34
ASUSTOR ADM 3.1.0.RFQ3 Chained Remote Code Execution
Posted May 2, 2018
Authored by Matthew F

ASUSTOR ADM versions 3.1.0.RFQ3 and below chained exploit that leverages stored cross site scripting, cross site request forgery, path traversal, and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file upload, csrf
MD5 | a3b210023543df6ac13e213699161e0a
ASUS infosvr Authentication Bypass Command Execution
Posted Apr 21, 2018
Authored by jduck, Friedrich Postelstorfer | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an interactive remote shell. This Metasploit module was tested successfully on an ASUS RT-N12E with firmware version 2.0.0.35. Numerous ASUS models are reportedly affected, but untested.

tags | exploit, remote, arbitrary, shell, root, udp, bypass
advisories | CVE-2014-9583
MD5 | 0b841685aaa09cefb0a9621293d64a94
AsusWRT LAN Unauthenticated Remote Code Execution
Posted Feb 23, 2018
Authored by Pedro Ribeiro | Site metasploit.com

The HTTP server in AsusWRT has a flaw where it allows an unauthenticated client to perform a POST in certain cases. This can be combined with another vulnerability in the VPN configuration upload routine that sets NVRAM configuration variables directly from the POST request to enable a special command mode. This command mode can then be abused by sending a UDP packet to infosvr, which is running on port UDP 9999 to directly execute commands as root. This exploit leverages that to start telnetd in a random port, and then connects to it. It has been tested with the RT-AC68U running AsusWRT Version 3.0.0.4.380.7743.

tags | exploit, web, root, udp
advisories | CVE-2018-5999, CVE-2018-6000
MD5 | 0a0cdd7637ea7a4a50df34cad0df396f
Asus Router Cross Site Script / Authentication Bypass
Posted Jan 26, 2018
Authored by 4TT4CK3R

ASUS router DSL-RT-N13 suffers from an authentication bypass vulnerability. ASUS router DSL-N14U B1 suffers from a cross site scripting vulnerability.

tags | exploit, xss, bypass
MD5 | 2fc150447dc4b5a9529e54a5dc2c5bf9
AsusWRT Router Remote Code Execution
Posted Jan 26, 2018
Authored by Pedro Ribeiro

AsusWRT Router versions prior to 3.0.0.4.380.7743 suffer from an unauthenticated LAN remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-5999, CVE-2018-6000
MD5 | 76e861a72a3ce836f6c0b5f6dc36b004
ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure
Posted Jan 16, 2018
Authored by Blazej Adamczyk

ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | unix
advisories | CVE-2017-15653, CVE-2017-15654, CVE-2017-15655, CVE-2017-15656
MD5 | 7e3b9c4205f64e0e634963950eedec68
ASUS Routers CSRF / Information Disclosure
Posted May 10, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

ASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC53U, RT-AC1900P, RT-AC3100, RT-AC3200, RT-AC5300, RT-N11P, RT-N12 (D1 version only), RT-N12+, RT-N12E, RT-N18U, RT-N56U, RT-N66R, RT-N66U (B1 version only), and RT-N66W.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
advisories | CVE-2017-5891, CVE-2017-5892
MD5 | 3d95db7d42745579a0c76b4da4866297
Alps Touchpad Driver 8.2206.1717.143 Privilege Escalation
Posted Jan 21, 2017
Authored by Owais Mehtab, Tayeeb Rana

Alps Touchpad Driver version 8.2206.1717.143 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
MD5 | 639461791ec41e18d350156f61e29764
ASUS RT-N10 CSRF / Code Execution / XSS / Open Redirection
Posted Sep 15, 2016
Authored by MustLive

ASUS RT-N10 routers suffer from code execution, cross site request forgery, open redirection, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss, csrf
MD5 | f6f873a9a7063b62b83cfc4a423b2711
ASUS DSL-X11 ADSL Router Unauthenticated Remote DNS Changer
Posted Sep 13, 2016
Authored by Todor Donev

ASUS DSL-X11 ADSL router unauthenticated remote DNS changer exploit.

tags | exploit, remote
MD5 | f0f1b7c27f65b57a70da84f3f1a81eca
AsusTEK asio.sys MSR Manipulation
Posted Mar 21, 2016
Authored by 0x3d5157636b525761

AsusTEK asio.sys driver accepts IOCTLs that allow the user to freely manipulate MSRs.

tags | advisory
MD5 | c18c9c0b57d01cc8efce04b22b9fd19f
ASUS Router Administrative Interface Exposure
Posted Feb 11, 2016
Authored by David Longenecker

ASUS wireless routers running ASUSWRT firmware have a design flaw in which the administrator web interface may be open to the public Internet even if you have specifically disabled web access from the WAN.

tags | advisory, web
MD5 | 00e62587a24303e07531652cea981350
ASUS RT-N56U 3.0.0.4.374_239 Cross Site Scripting
Posted Feb 4, 2016
Authored by Nicholas Lehman

ASUS RT-N56U version 3.0.0.4.374_239 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 708265e7690ca816315263e6a7a189f5
ASUS RT-N15U Code Execution / XSS / Open Redirect
Posted Dec 3, 2015
Authored by MustLive

ASUS RT-N15U suffers from code execution, cross site request forgery, cross site scripting, and open redirection vulnerabilities.

tags | exploit, vulnerability, code execution, xss, csrf
MD5 | 5c917a1ae6db29d0e7c5d8b4ceea798f
ASUS RT-G32 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 7, 2015
Authored by MustLive

ASUS RT-G32 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | deb1ac289f642411576e25a1de54fe7f
Asus RT-N10 Plus Cross Site Scripting
Posted Jan 30, 2015
Authored by Kaustubh G. Padwad

Asus RT-N10 Plus with firmware version 2.1.1.1.70 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cbd31adcbb31f787ab3a7f9c44d83530
ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution
Posted Jan 5, 2015
Authored by Friedrich Postelstorfer

ASUSWRT version 3.0.0.4.376_1071 suffers from a remote command execution vulnerability. A service called "infosvr" listens on port 9999 on the LAN bridge. Normally this service is used for device discovery using the "ASUS Wireless Router Device Discovery Utility", but this service contains a feature that allows an unauthenticated user on the LAN to execute commands less than or equal to 237 bytes as root. Source code is in asuswrt/release/src/router/infosvr. "iboxcom.h" is in asuswrt/release/src/router/shared.

tags | exploit, remote, root
MD5 | 5ec3e85958335b910a0bf2c90f373d64
ASUS Router Man-In-The-Middle
Posted Oct 29, 2014
Authored by David Longenecker

ASUS wireless router updates are vulnerable to a man-in-the-middle attack.

tags | advisory
advisories | CVE-2014-2718
MD5 | 3345812c5ddbe70df581e6006c087749
WHQL-signed Synaptics Touchpad Driver Rogue Program Execution
Posted May 9, 2014
Authored by Stefan Kanthak

The WHQL-signed Synaptics touchpad driver delivered via Windows Update executes a rogue program C:\Program.exe with system privileges after its installation.

tags | advisory
systems | windows
MD5 | bf674d0c2588ad121442239cce93a9d9
Page 1 of 2
Back12Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close