header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore IDOR Vulnerability

The Hitachi NAS (HNAS) System Management Unit (SMU) before version 14.8.7825.01 is vulnerable to an Insecure Direct Object Reference (IDOR) issue. An attacker can exploit this vulnerability to download arbitrary files from the server. This vulnerability has been assigned CVE-2023-5808.

tcpdump/ethereal (RSVP) rsvp_print() infinite loop DOS

The vulnerability exists in tcpdump v3.9.1 and earlier versions, as well as ethereal v0.10.10. It is caused by a single (RSVP) packet that triggers an infinite loop in the rsvp_print() function. Clicking on the packet or receiving ICMP replies can also trigger the vulnerability. The bug is present in the RSVP_OBJ_ERO and RSVP_OBJ_RRO classes.

Pine <= 4.56 exploit

The exploit allows an attacker to execute arbitrary code on a remote system running Pine version 4.56 or earlier. The exploit can be achieved using two methods: 1) standard shellcode and 2) ret to libc. The details of the exploit can be found in the iDefense advisory: http://www.idefense.com/advisory/09.10.03.txt. The exploit requires the distance from a variable to the EIP/EBP register, which can be bruteforced to achieve a high success rate. The exploit can be used to create a worm or gain control over the target system.

Nodez 4.6.1.1 Mercury (possibly prior versions) multiple vulnerabilities

The 'op', 'bop', 'ext', 'eop' arguments are not properly sanitized before including files from local resources, allowing for arbitrary file inclusion. The 'ext' argument can be used to inject PHP code into the 'cache/ext/statman/log.gtdat' file and execute commands. Additionally, the 'list.gtdat' file in the 'cache/users' folder exposes the MD5 password hashes of all admin and users. This can be exploited by crafting a specific value for the 'upass' parameter.

Recent Exploits: