Davy Douhine

8 exploits Active since Feb 2011
CVE-2017-5173 EXPLOITDB CRITICAL ruby WORKING POC
Geutebruck IP Camera G-Cam/EFD-2250 <1.11.0.12 - Command Injection
An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution.
CVSS 9.8
CVE-2013-4557 METASPLOIT ruby WORKING POC
SPIP < 3.0.12 - Remote Code Execution via Security Screen Connect Parameter
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
CVE-2011-0647 METASPLOIT ruby WORKING POC
EMC Replication Manager < 5.3 - Remote Code Execution via irccd.exe RunProgram Function
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.
CVE-2020-16205 METASPLOIT HIGH ruby WORKING POC
Geutebruck G-Cam and G-Code Firmware <= 1.12.0.25 - Authenticated Remote Command Execution via Crafted URL
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
CVSS 7.2
CVE-2011-0647 EXPLOITDB ruby WORKING POC
EMC Replication Manager < 5.3 - Remote Code Execution via irccd.exe RunProgram Function
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.
EIP-2026-104775 EXPLOITDB ruby WORKING POC
SPIP - 'connect' PHP Injection (Metasploit)
EIP-2026-101759 EXPLOITDB ruby WORKING POC
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
CVE-2017-5174 EXPLOITDB CRITICAL ruby WORKING POC
Geutebruck IP Camera G-Cam/EFD-2250 <1.11.0.12 - Auth Bypass
An Authentication Bypass issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An authentication bypass vulnerability has been identified. The existing file system architecture could allow attackers to bypass the access control that may allow remote code execution.
CVSS 9.8