Vulnerability & Exploit Database

Displaying entries 1 - 10 of 28 in total

Results for: Karn

Cambium ePMP1000 'get_chart' Shell via Command Injection (v3.1-3.5-RC7) Exploit

Disclosed: December 18, 2017

This module exploits an OS Command Injection vulnerability in the Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions 3.1-3.5-RC7.

Cambium ePMP1000 'ping' Shell via Command Injection (up to v2.5) Exploit

Disclosed: November 28, 2015

This module exploits an OS Command Injection vulnerability in the Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell.

EasyFTP Server LIST Command Stack Buffer Overflow Exploit

Disclosed: July 05, 2010

This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11. Credit goes to Karn Ganeshan. NOTE: Although this is likely to exploit the same vulnerability as the 'easyftp_cwd_fixret' exploit, it uses a slightly different vector.

Cambium ePMP 1000 SNMP Enumeration Exploit

Disclosed:

Cambium devices (ePMP, PMP, Force, & others) can be administered using SNMP. The device configuration contains IP addresses, keys, and passwords, amongst other information. This module uses SNMP to extract Cambium ePMP device configuration. On certain software versions, specific device configuration values can be ...

Cambium cnPilot r200/r201 SNMP Enumeration Exploit

Disclosed:

Cambium cnPilot r200/r201 devices can be administered using SNMP. The device configuration contains IP addresses, keys, passwords, & lots of juicy information. This module exploits an access control flaw, which allows remotely extracting sensitive information such as account passwords, Wi-Fi PSK, & SIP credentials ...

Sentry Switched CDU Bruteforce Login Utility Exploit

Disclosed:

This module scans for ServerTech's Sentry Switched CDU (Cabinet Power Distribution Unit) web login portals, and performs login brute force to identify valid credentials.

RFCode Reader Web Interface Login / Bruteforce Utility Exploit

Disclosed:

This module simply attempts to log in to an RFCode Reader web interface. Please note that by default there is no authentication. In such a case, password brute force will not be performed. If there is authentication configured, the module will attempt to find valid login credentials and capture device information.