AhmedAlroky

3 exploits Active since Mar 2022
CVE-2023-28343 WRITEUP CRITICAL WRITEUP
APSystems Energy Communication Unit Firmware C1.2.5 - OS Command Injection via Timezone Parameter
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.
CVSS 9.8
CVE-2023-31502 WRITEUP HIGH WORKING POC
Altenergy Power Control Software C1.2.5 - RCE
Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE) vulnerability via the component /models/management_model.php.
CVSS 7.2
CVE-2021-46379 EXPLOITDB MEDIUM text WORKING POC
DLink DIR850 ET850-1.08TRb03 - Open Redirect
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL redirection to untrusted site.
CVSS 6.1