Tenda D151 & D301 – Configuration Download (Unauthenticated)
April 21st, 2021 📆 | 6230 Views ⚑
# Exploit Title: Tenda D151 & D301 - Configuration Download (Unauthenticated) # Date: 19-04-2021 # Exploit Author: BenChaliah # Author
Browsing the "unauthenticated" Tag
Tagged with: configuration • D151 • D301 • download • hardware • remote • tenda • unauthenticated
Backdoor.Win32.Hupigon.das Unauthenticated Open Proxy ≈ Packet Storm
April 9th, 2021 📆 | 1574 Views ⚑
Discovery / credits: Malvuln – malvuln.com (c) 2021Original source: https://malvuln.com/advisory/7afe56286039faf56d4184c476683340.txtContact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.dasVulnerability: Unauthenticated Open ProxyDescription: The malware drops
Tagged with: advisory • backdoor • BackdoorWin32Hupigondas • CSRF • exploit • hupigon • Open • overflow • packet • proxy • scanner • security • storm • unauthenticated • vulnerability • whitepaper • win32 • XSS
SAP SMD Agent Unauthenticated Remote Code Execution ≈ Packet Storm
April 7th, 2021 📆 | 1620 Views ⚑
# Onapsis Security Advisory 2021-0001: CVE-2020-6207] – UnauthenticatedRCE in SAP all SMD Agents connected to SAP SolMan ## Impact on
Tagged with: advisory • agent • code • CSRF • execution • exploit • overflow • packet • remote • SAP • scanner • security • SMD • storm • unauthenticated • vulnerability • whitepaper • XSS
F5 BIG-IP 16.0.x – iControl REST Remote Code Execution (Unauthenticated)
April 5th, 2021 📆 | 7473 Views ⚑
# Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated) # Exploit Author: Al1ex # Vendor Homepage:
Tagged with: 160x • bigip • code • CVE-2021-22986 • execution • hardware • icontrol • remote • rest • unauthenticated • webapps
SaltStack Salt API Unauthenticated Remote Command Execution ≈ Packet Storm
April 1st, 2021 📆 | 6945 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude
Tagged with: advisory • API • command • CSRF • execution • exploit • overflow • packet • remote • Salt • saltstack • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
TP-Link Devices – ‘setDefaultHostname’ Stored Cross-site Scripting (Unauthenticated)
March 29th, 2021 📆 | 5840 Views ⚑
# Exploit Title: TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated) # Date: 24-07-2020 # Exploit Author: Smriti Gaba, Kaustubh
Tagged with: cross • CrossSite • devices • hardware • scripting • setdefaulthostname • stored • tplink • unauthenticated • webapps
Advantech iView Unauthenticated Remote Code Execution ≈ Packet Storm
March 24th, 2021 📆 | 6799 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Exploit::Remote::HttpClientinclude Msf::Exploit::CmdStagerinclude
Tagged with: advantech • advisory • code • CSRF • execution • exploit • iview • overflow • packet • remote • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)
March 21st, 2021 📆 | 6574 Views ⚑
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include
Tagged with: arbitrary • CVE-2021-27964 • File • metasploit • multiple • sonlogger • unauthenticated • upload • webapps
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Config Download (Unauthenticated)
March 21st, 2021 📆 | 8593 Views ⚑
# Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated) # Date: 03.02.2021 # Exploit Author: LiquidWorm
Tagged with: config • CPE • download • hardware • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • unauthenticated • webapps
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Device Reboot (Unauthenticated)
March 20th, 2021 📆 | 2874 Views ⚑
# Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated) # Date: 03.02.2021 # Exploit Author: LiquidWorm
Tagged with: CPE • device • DoS • hardware • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • reboot • unauthenticated
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Factory Reset (Unauthenticated)
March 20th, 2021 📆 | 2713 Views ⚑
# Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated) # Date: 03.02.2021 # Exploit Author: LiquidWorm
Tagged with: CPE • factory • hardware • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • reset • unauthenticated • webapps
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure ≈ Packet Storm
March 20th, 2021 📆 | 4383 Views ⚑
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd.Product web page:
Tagged with: advisory • CPE • CSRF • disclosure • exploit • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • Log • LTE • neotel • overflow • packet • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Factory Reset ≈ Packet Storm
March 20th, 2021 📆 | 8485 Views ⚑
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Factory Reset Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd.Product web page:
Tagged with: advisory • CPE • CSRF • exploit • factory • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • overflow • packet • reset • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Device Reboot ≈ Packet Storm
March 19th, 2021 📆 | 3779 Views ⚑
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Device Reboot (DoS) Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd.Product web
Tagged with: advisory • CPE • CSRF • device • exploit • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • overflow • packet • reboot • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Configuration Download ≈ Packet Storm
March 19th, 2021 📆 | 3378 Views ⚑
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Config Download Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd.Product web page:
Tagged with: advisory • configuration • CPE • CSRF • download • exploit • jatontec • jt3500v • kztech • KZTechJatonTecNeotel • LTE • neotel • overflow • packet • scanner • security • storm • unauthenticated • vulnerability • whitepaper • XSS
Profiling System for Human Resource Management 1.0 – Remote Code Execution (Unauthenticated)
March 19th, 2021 📆 | 5648 Views ⚑
# Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated) # Date: 19-03-2021 # Exploit
Tagged with: code • execution • human • management • php • profiling • remote • resource • system • unauthenticated • webapps
SolarWinds TFTP Server 11.0.4.101 Remote Unauthenticated Reconfiguration ≈ Packet Storm
March 17th, 2021 📆 | 5391 Views ⚑
Older versions of SolarWinds' TFTP Server, which could have been installedfrom a standalone download or bundled with certain paid products,
Tagged with: advisory • CSRF • exploit • overflow • packet • reconfiguration • remote • scanner • security • server • solarwinds • storm • TFTP • unauthenticated • vulnerability • whitepaper • XSS
Hotel and Lodge Management System 1.0 – Remote Code Execution (Unauthenticated)
March 8th, 2021 📆 | 5032 Views ⚑
# Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated) # Date: 07-03-2021 # Exploit Author:
Tagged with: code • execution • hotel • lodge • management • php • remote • system • unauthenticated • webapps
Online Ordering System 1.0 – Blind SQL Injection (Unauthenticated)
March 5th, 2021 📆 | 3764 Views ⚑
# Exploit Title: Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated) # Date: 2021-03-04 # Exploit Author: Suraj Bhosale
Tagged with: blind • injection • online • ordering • php • SQL • system • unauthenticated • webapps
Covid-19 Contact Tracing System 1.0 – Remote Code Execution (Unauthenticated)
March 1st, 2021 📆 | 4698 Views ⚑
# Exploit Title: Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated) # Date: 28-02-2021 # Exploit Author: Christian
Tagged with: code • contact • covid • COVID19 • execution • php • remote • system • tracing • unauthenticated • webapps
Popular
Microsoft Exchange ProxyLogon Remote Code Execution… March 24, 2021 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…
Meet the 2021 SC Awards judges March 29, 2021 Each year, a select pool of experts from the cybersecurity…
Was My Facebook Hacked? How to See if Your Phone… April 5, 2021 Photo: Chip Somodevilla (Getty Images)Hacked data on over 553 million…
Varun Nair joins BookMyShow as Head Information… April 9, 2021 Bangalore-based Varun Nair has joined BookMyShow as Head-Information Security. According…
Coca-Cola trade secret theft underscores importance… April 6, 2021 The trial of Xiaorong You is set to begin today,…
The cesspool of the internet is to be found in a… April 5, 2021 At the beginning of 2012, the British internet activist and…
Microsoft acquires Nuance Communications. Veriff… April 14, 2021 MarketplaceWhere VCs Are Putting Their Money As Cybersecurity Funding Hits…
Members
Comments