Artem Metla

2 exploits Active since Nov 2018
CVE-2018-15716 EXPLOITDB HIGH python WORKING POC
NUUO NVRMini2 3.9.1 - Authenticated Remote Command Injection via upgrade_handle.php
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
CVSS 8.8
CVE-2019-3921 EXPLOITDB HIGH python WORKING POC
Nokia I-240W-Q GPON ONT Firmware 3FE54567BOZJ19 - Authenticated Stack-based Buffer Overflow via HTTP POST Request
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.
CVSS 8.8