
Explore Vulnerabilities


Explore all Exploits:

RPi Cam Web Interface Exploit

This exploit allows an attacker to execute arbitrary commands on a vulnerable system. The vulnerability exists in the preview.php script, which is used to generate a live preview of the camera. The script takes user input from the 'convert' and 'convertCmd' parameters and passes it to the system without proper sanitization, allowing an attacker to inject arbitrary commands.

Nmap 7.70 – Denial of Service (PoC)

This vulnerability causes the program to crash and start to heavily consume system resources. Do not test on critical systems, as it can cause a system crash. Steps to reproduce: 1. Create a file in Notepad with the given XML code and save it as 'test.xml'. 2. Run the command 'nmap --script-args=unsafe=1 -sV -p80 --script http-vuln-cve2018-7600 test.xml'. 3. The program will crash and start to heavily consume system resources.

Any Sound Recorder 2.93 – Denial of Service (PoC)

Any Sound Recorder 2.93 is vulnerable to a denial of service attack when a maliciously crafted file is opened. An attacker can exploit this vulnerability by creating a file with a large amount of data and then opening it in the application. This will cause the application to crash.

iSmartViewPro 1.5 – ‘SavePath for ScreenShots’ Buffer Overflow (SEH)

iSmartViewPro 1.5 is vulnerable to a buffer overflow when maliciously crafted input is supplied to the 'Save Path for Snapshot and Record file' field. This can be exploited to execute arbitrary code by overwriting the SEH handler with a malicious payload.

QNAP Photo Station 5.7.0 – Cross-Site Scripting

QNAP Photo Station versions 5.7.0 and earlier are vulnerable to Cross-Site Scripting (XSS). An attacker can inject malicious JavaScript code into the application by sending a specially crafted URL to the vulnerable application. This code will be executed in the context of the user's browser, allowing the attacker to perform various malicious activities such as stealing cookies, hijacking the user's session, and redirecting the user to malicious websites.

Softneta MedDream PACS Server Premium 6.7.1.1 – Directory Traversal

Softneta MedDream PACS Server Premium 6.7.1.1 is vulnerable to directory traversal attacks. An attacker can exploit this vulnerability by sending a crafted HTTP request containing directory traversal sequences (e.g. '../../../../../../../../../../') to the vulnerable server. This can allow the attacker to access sensitive files and directories that are stored outside the web root folder. The attacker can also bypass authentication and obtain private information, including users and passwords.

DVD Photo Slideshow Professional 8.07 – Buffer Overflow (SEH)

A buffer overflow vulnerability exists in DVD Photo Slideshow Professional 8.07 due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted input to the application, resulting in arbitrary code execution.

Tenable WAS-Scanner 7.4.1708 – Remote Command Execution

Set up a malicious DHCP server on the network using dnsmasq, start a listener on port 5555 in another terminal, send a normal IP request to the malicious DHCP server from the victim machine, and check the listener to get the reverse shell with root privileges.

MedDream PACS Server Premium 6.7.1.1 – ‘email’ SQL Injection

MedDream PACS Server Premium 6.7.1.1 is vulnerable to 'email' SQL Injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP POST request to the vulnerable server. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

Recent Exploits: