Carlos E. Vieira - Security Researcher - Exploit Intelligence Platform

CVE-2018-13379 NOMISEC CRITICAL WORKING POC

FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

6 stars

CVSS 9.1

View Code

CVE-2022-22947 EXPLOITDB CRITICAL python WORKING POC

Spring Cloud Gateway Remote Code Execution

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

CVSS 10.0

View Code

CVE-2020-5902 EXPLOITDB CRITICAL python WORKING POC

BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

CVSS 9.8

View Code

CVE-2018-13379 EXPLOITDB CRITICAL python WORKING POC

FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

CVSS 9.1

View Code

CVE-2018-13379 EXPLOITDB CRITICAL ruby WORKING POC

FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

CVSS 9.1

View Code