Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Exploits - exploit.company
header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

The Elber Wayber Analog/Digital Audio STL version 3.0.0 and below, including Firmware versions 4.00 Rev. 1501, 4.00 Rev. 1516, and 3.00 Rev. 1350, are vulnerable to an authentication bypass. By exploiting this vulnerability, an attacker can gain unauthorized access to the password management functionality, allowing them to change passwords for any user in the system. This unauthorized access compromises the security of the device.

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass

The Elber ESE DVB-S/S2 Satellite Receiver 1.5.x devices are prone to an authentication bypass vulnerability due to unauthorized access to the password management function. By manipulating the set_pwd endpoint, attackers can change the password of any user, granting them unauthorized administrative access to critical parts of the application and compromising system security.

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

The Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized administrative access by manipulating the set_pwd endpoint to overwrite user passwords within the system. This exploit compromises the security of the device's system.

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

The Elber Reble610 device is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized and administrative access to protected areas of the application. This vulnerability occurs due to a flaw in the password management functionality, specifically in the set_pwd endpoint, which can be manipulated by attackers to overwrite the password of any user within the system.

Elber Signum DVB-S/S2 IRD Authentication Bypass

The Elber Signum DVB-S/S2 IRD device is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized access by manipulating the set_pwd endpoint to overwrite user passwords and access protected areas of the application.

Flowise 1.6.5 – Authentication Bypass

Flowise version 1.6.5 and below is susceptible to an authentication bypass vulnerability. By modifying the endpoint paths to uppercase, such as /API/V1 instead of /api/v1, an attacker can bypass the authentication process. This issue is due to the lack of case sensitivity in the code snippet responsible for authentication middleware.

Microsoft Windows Defender TrojanWin32Powessere.G Mitigation Bypass Part 3

Windows Defender fails to detect and prevent execution of TrojanWin32Powessere.G when leveraging rundll32.exe, leading to an 'Access is denied' error. The bypass was first disclosed in 2022 by passing an extra path traversal with mshtml, which was later mitigated. Subsequently, on Feb 7, 2024, using multiple commas as part of the path allowed bypassing the mitigation until it was fixed. Another trivial bypass was discovered soon after.

Positron Broadcast Signal Processor TRA7005 v1.20 – Authentication Bypass

The Positron Broadcast Digital Signal Processor TRA7005 is vulnerable to an authentication bypass that allows attackers to gain unauthorized access to protected areas of the application by manipulating the password management functionality. By exploiting this vulnerability, attackers can bypass Digest authentication, set a user's password to any value, or even remove it completely.

Electrolink FM/DAB/TV Transmitter Remote Authentication Bypass

An attacker can bypass authentication on Electrolink FM/DAB/TV Transmitter devices due to a lack of proper authentication mechanisms. This vulnerability affects various models and versions of Electrolink transmitters, allowing unauthorized access to the devices.

Recent Exploits: