exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Geutebruck Remote Command Execution
Posted Sep 2, 2021
Authored by Titouan Lazard, Sebastien Charbonnier, Ibrahim Ayadhi | Site metasploit.com

This Metasploit module bypasses the HTTP basic authentication used to access the /uapi-cgi/ folder and exploits multiple authenticated arbitrary command execution vulnerabilities within the parameters of various pages on Geutebruck G-Cam EEC-2xxx and G-Code EBC-21xx, EFD-22xx, ETHC-22xx, and EWPC-22xx devices running firmware versions 1.12.0.27 and below as well as firmware versions 1.12.13.2 and 1.12.14.5. Successful exploitation results in remote code execution as the root user.

tags | exploit, remote, web, arbitrary, cgi, root, vulnerability, code execution
advisories | CVE-2021-33543, CVE-2021-33544, CVE-2021-33548, CVE-2021-33550, CVE-2021-33551, CVE-2021-33552, CVE-2021-33553, CVE-2021-33554
SHA-256 | cf7ad8dd0a73829d3346e2425a6d3d0e8426e0d758005a97a9748eb069e34e22

Related Files

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Posted Aug 17, 2012
Authored by Alberto Ortega

Alpha Networks ADSL2/2+ Wireless Router version ASL-26555 suffers from a remote administration password disclosure vulnerability. Tested on firmware version 2.0.0.30B_ES.

tags | exploit, remote
SHA-256 | 0acc750576387e5c5c8428df81f18e8f0e01592d9d5308c8ea0f94e991b8de78
Iomega StorCenter/EMC Lifeline Remote Access
Posted Aug 9, 2012
Site emc.com

A vulnerability exists for Iomega network storage devices with EMC Lifeline firmware that can potentially be exploited to gain unauthorized access to remote shares in certain circumstances. If remote access (including port-forwarding) is enabled on affected Iomega devices, all created shares (including shares on connected USB devices) could potentially be accessed by unauthorized remote users or systems due to access control issues.

tags | advisory, remote
advisories | CVE-2012-2283
SHA-256 | 1751607ad763d8c3030dd46fa7360620eefb9a7f9ade9c9368211dd334e6edf7
QNAP Command Injection
Posted Jun 17, 2012
Authored by Phil Taylor, Nadeem Salim | Site senseofsecurity.com.au

QNAP Turbo NAS with firmware versions 3.6.1 Build 0302T and below suffer from a command injection vulnerability that allows for remote code execution.

tags | exploit, remote, code execution
SHA-256 | bcec74851c024f2e1466935f495fd1687810e39d50b44f12aa001bc14964e143
HP Security Bulletin HPSBPI02728 SSRT100692 6
Posted Apr 26, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 6 - In November, 2011, a potential security vulnerability was identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. This revision, version 6, of the Security Bulletin announces the availability of firmware updates for additional devices.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | 6b9303b4257f0a92fb10e6843f9b596fd3b0ff2087609043ce342140b4a101ad
HP Security Bulletin HPSBPI02728 SSRT100692 5
Posted Mar 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 5 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 5 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | 34fc17a3a00efdd16c2e510fe459251c21d59b231555ad0e979a5da926ca663a
Secunia Security Advisory 48048
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | bdd99dccd465ec4c59bbf42bc1f0b06ef8b4944a9f0c632126074ac0519348ff
Secunia Security Advisory 48158
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue and a vulnerability in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 9d55a5c4cc119aba5c9ab9d76cce3f9611f9d1be5e38cbfe9ee8fc2efafed802
Secunia Security Advisory 48061
Posted Feb 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 52fd7d90f18e1af4afd57abcfc7e0a98cc2f675e2689ddcf564d0e2a43c57ede
HP Security Bulletin HPSBPI02728 SSRT100692 4
Posted Feb 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 4 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | ae3a06d6319920eca0609887ae91355785a811ce0226b7717b8527b4072104ba
HP Security Bulletin HPSBPI02728 SSRT100692 3
Posted Jan 9, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 3 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | dd5e56f566ad2ca9b114239aba459968b740fd1b964f71a9074e028284d0c8a1
HP Security Bulletin HPSBPI02728 SSRT100692 2
Posted Dec 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 2 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | ff6f22298de3f425de467f22cf364320ca21ac4e7ef6bb1908722100799044d9
IBM TS3100/TS3200 Web UI Authentication Bypass
Posted Dec 21, 2011
Site trustwave.com

The IBM TS3200/TS3200 Web User Interface is vulnerable to an authentication bypass attack. By sending a series of requests to the authentication function, it is possible to trigger a condition which causes the application to grant an access cookie which permits remote administration. Firmware less than A.60 is affected.

tags | exploit, remote, web
advisories | CVE-2011-1372
SHA-256 | 251930962a416ff086d78263b78eb5f8dcc016095a831b437bd5a97ae19df1ac
Secunia Security Advisory 47257
Posted Dec 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Sun System Firmware, which can be exploited by malicious people to conduct spoofing attacks, cause a DoS (Denial of Service), and potentially compromise a user's system.

tags | advisory, denial of service, spoof, vulnerability
SHA-256 | ca8de27c8fdebbee80901664bdcdd9943caeaf960ed3984e7122403b6e96ff00
HP Security Bulletin HPSBPI02728 SSRT100692
Posted Dec 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2011-4161
SHA-256 | d48441fde8682890a6be06f1b7536c5c8c950288456b21ade23cb63724135da3
Apple Security Advisory 2011-11-10-2
Posted Nov 15, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-11-10-2 - Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 is now available and addresses a security vulnerability. dhclient allowed remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message. This issue is addressed by stripping shell meta-characters in dhclient-script.

tags | advisory, remote, arbitrary, shell
systems | apple
advisories | CVE-2011-0997
SHA-256 | 6e8e307de2ea87a65b2fbe4858a5cdefa741c0cb65ec28c910798ebd7cbf3bd9
Digging Inside VxWorks OS And Firmware - Holistic Security
Posted Jul 18, 2011
Authored by Aditya K Sood | Site secniche.org

Whitepaper called Digging Inside VxWorks OS and Firmware - Holistic Security. VxWorks is one of the most widely accepted embedded OSes. In this paper, they have conducted a detailed study of the VxWorks OS security model and firmware in order to understand the potential impact of security vulnerabilities and weaknesses.

tags | paper, vulnerability
SHA-256 | 2c622ddb4286be353e85ab46da20fe4b0ca3a0d882e1cf8d909f856256f15449
Multiple IP Cameras Remote Command Execution
Posted Jun 9, 2011
Authored by Roberto Paleari

IP Cameras such as TRENDnet, Digicom, and iPUX all share a firmware that suffers from undocumented user, command injection, hidden telnet service, and various other vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 2e13035b1da24232cad2b5abbce7c0d6968fb792c214dcbcbecba7542a6aaf4b
Belkin G Wireless Router 5.00.12 Password Hash Disclosure
Posted May 31, 2011
Authored by Aodrulez

Belkin G Wireless Router with firmware version 5.00.12 suffers from a password hash disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1ff16d35f0826f93976163d23810916b6c842c832770207c9409be7c72c79f0d
Linksys WRT54G Cross Site Scripting
Posted Apr 29, 2011
Authored by Justin C. Klein Keane

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
SHA-256 | 33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7
Linksys WRT54G Password Disclosure
Posted Apr 11, 2011
Authored by RaFD

Linksys WRT54G with firmware version 7.00.1 suffers from an administrative password disclosure vulnerability via ftpd.

tags | exploit, info disclosure
SHA-256 | 29ac89d17267faf8260fc55d0bf0cea35b3acec9de7d42041acbc8aaabc40393
ProxBrute 0.3
Posted Jan 12, 2011
Authored by Brad Antoniewicz

ProxBrute is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 465) to support brute force attacks against proximity card access control systems. This version of ProxBrute requires the knowledge of a [once] valid tag value to vertically or horizontally escalate the tag's privileges.

tags | cracker
systems | unix
SHA-256 | a155a9dd000312c20ecbe6ca6bab1bc991183e9dea73578a76754b148ab1332a
RoomWizard Credential Disclosure
Posted Jan 6, 2011
Authored by Sean Lam

RoomWizard suffers from a default password and sync connector credential leak vulnerability. Firmware version 3.2.3 is affected.

tags | exploit, info disclosure
advisories | CVE-2010-0214
SHA-256 | cd571a6d6eac92710b122e7baf4146e0163348b1c380b890746f3484d6c692d5
DIR-615 Privilege Escalation
Posted Dec 5, 2010
Authored by Craig Heffner | Site devttys0.com

This file provides a detailed description of a privilege escalation vulnerability that has been confirmed to affect the DIR-615 revD router running firmware version 4.11.

tags | advisory
SHA-256 | a160c910db3449d12d52aa5b71001bba6e2a99708a556a84bf479eddf5694cb0
Secunia Security Advisory 42059
Posted Nov 2, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Intel Xeon 5500 and 5600 Series BMC Firmware, which can be exploited by malicious users to gain escalated privileges.

tags | advisory
SHA-256 | 01e20d92ef50436b1c0eef5c25bdb74ed3a2e0277f94650daf9927dd6874e094
Proventia Network Mail Security System CRLF Injection
Posted Sep 14, 2010
Authored by Dr. Marian Ventuneac

Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.

tags | exploit, web, local
advisories | CVE-2010-0155
SHA-256 | e89f3a47c9d247e4c7ef74ea39c92a4c23d3b46381a0211b7b0b6dd059c87d44
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close