This is a remote exploit for OpenFTPD version <= 0.30.2. It exploits a format string bug in the message system. The vulnerability was rediscovered by a VOID.AT. The exploit allows attackers to execute arbitrary code on the target system.
The ZTE AC 3633R USB Modem is vulnerable to an authentication bypass vulnerability, allowing an attacker to gain administrative access. It is also vulnerable to a denial of service vulnerability, causing the modem to crash and reboot. This crash may lead to remote code execution and root privilege on the device.
JDownloader 2 Beta is vulnerable to a directory traversal security issue. The vulnerability allows an attacker to create or overwrite arbitrary files on the target filesystem by using a specially crafted ZIP file with a directory traversal sequence in the entry name.
This exploit takes advantage of the SQL CLIENT_IP vulnerability in Mybb version <= 1.2.2. It uses blind SQL injection to execute a malicious SQL query on the database.
This module exploits a remote buffer overflow vulnerability on several Airties routers. The vulnerability exists in the handling of HTTP queries to the login cgi with long redirect parameters. The vulnerability doesn't require authentication. This module has been tested successfully on the AirTies_Air5650v3TT_FW_1.0.2.0.bin firmware with emulation. Other versions such as the Air6372, Air5760, Air5750, Air5650TT, Air5453, Air5444TT, Air5443, Air5442, Air5343, Air5342, Air5341, Air5021 are also reported as vulnerable.
The WebKalk2 version 1.9.0 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by manipulating the 'absolute_path' parameter in the 'engine.inc.php' file, allowing them to include arbitrary files from a remote server.
Different devices using the Realtek SDK with the miniigd daemon are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This module has been tested successfully on a Trendnet TEW-731BR router with emulation.
This exploit allows an attacker to include a remote file in the vulnerable application's code, potentially leading to remote code execution.
This vulnerability allows an attacker to hijack a valid session that is in progress by a legitimate user. Due to the predictable session generation and due to the lack of cookie based authentication in the web interface, it was confirmed that an attacker from a different source IP address can issue valid requests, impersonating the authenticated user. The attack complexity is very low, no special software is required. It was noted that valid sessions do time out after a certain period of inactivity, however hijacked sessions can elongate the session validity. The impact of this vulnerability is that the attacker can bypass intended access restrictions and impersonate currently active users, including administrators. Successful exploitation will result in complete loss of control over the device, and may depend on the compromised user context.
Sending a 'POST /%' request to the webserver will cause an abnormal termination of the program, requiring a reboot of the webserver.
Services By CQR
