Edward Warren

48 exploits Active since Jun 2023
CVE-2024-31975 WRITEUP MEDIUM WRITEUP
EnGenius EWS356-Fit <1.1.30 - XSS
EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. JavaScript embedded into a vulnerable field is executed when the user clicks the SSID field's corresponding EDIT button.
CVSS 4.8
CVE-2024-36060 WRITEUP HIGH WRITEUP
EnGenius EnStation5-AC - Command Injection
EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell metacharacters in the Ping and Speed Test parameters.
CVSS 8.8
CVE-2024-36061 WRITEUP CRITICAL WRITEUP
EnGenius EWS356-FIT <1.1.30 - Command Injection
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an attacker to execute arbitrary OS commands via shell metacharacters to the Ping and Speed Test utilities.
CVSS 9.8
CVE-2024-36062 WRITEUP MEDIUM WRITEUP
com.callassistant.android <1.174 - RCE
The com.callassistant.android (aka AI Call Assistant & Screener) application 1.174 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.callassistant.android.ui.call.incall.InCallActivity component.
CVSS 4.0
CVE-2024-36063 WRITEUP HIGH WRITEUP
Goodwy dialer <5.1.0 - Code Injection
The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.
CVSS 7.5
CVE-2024-36064 WRITEUP MEDIUM WRITEUP
com.nll.cb <0.330-playStore-NoAccessibility-arm8 - RCE
The NLL com.nll.cb (aka ACR Phone) application through 0.330-playStore-NoAccessibility-arm8 for Android allows any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.nll.cb.dialer.dialer.DialerActivity component.
CVSS 6.2
CVE-2024-37573 WRITEUP HIGH WRITEUP
Talkatone <8.4.6 - RCE
The Talkatone com.talkatone.android application 8.4.6 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.talkatone.vedroid.ui.launcher.OutgoingCallInterceptor component.
CVSS 8.4
CVE-2024-42041 WRITEUP HIGH WRITEUP
AppTool-Browser-Video All Video Downloader <20-30.05.24 - XSS
The com.videodownload.browser.videodownloader (aka AppTool-Browser-Video All Video Downloader) application 20-30.05.24 for Android allows an attacker to execute arbitrary JavaScript code via the acr.browser.lightning.DefaultBrowserActivity component.
CVSS 8.1
CVE-2024-46960 WRITEUP HIGH WRITEUP
ASD com.rocks.video.downloader <7.0.129 - XSS
The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0.129 for Android allows an attacker to execute arbitrary JavaScript code via the com.rocks.video.downloader.MainBrowserActivity component.
CVSS 8.8
CVE-2024-46961 WRITEUP HIGH WRITEUP
Inshot <1.3.5 - XSS
The Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through 1.3.5 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.privatebrowser.activity.PrivateMainActivity component.
CVSS 8.1
CVE-2024-46962 WRITEUP CRITICAL WRITEUP
Master Video Downloader <2.0 - XSS
The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.video.fast.SpeedMainAct component.
CVSS 9.1
CVE-2024-46963 WRITEUP HIGH WRITEUP
Super Unlimited Video Downloader <5.1.9 - XSS
The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in One) application through 5.1.9 for Android allows an attacker to execute arbitrary JavaScript code via the com.bluesky.browser.ui.BrowserMainActivity component.
CVSS 8.1
CVE-2024-46964 WRITEUP HIGH WRITEUP
All Video Downloader <11.28 - XSS
The com.video.downloader.all (aka All Video Downloader) application through 11.28 for Android allows an attacker to execute arbitrary JavaScript code via the com.video.downloader.all.StartActivity component.
CVSS 8.1
CVE-2024-46965 WRITEUP MEDIUM WRITEUP
Fast Video Downloader: Browser <1.6-RC1 - XSS
The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through 1.6-RC1 for Android allows an attacker to execute arbitrary JavaScript code via the allvideo.downloader.browser.DefaultBrowserActivity component.
CVSS 5.4
CVE-2024-46966 WRITEUP HIGH WRITEUP
Ikhgur mn.ikhgur.khotoch <1.0.42 - XSS
The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity component.
CVSS 8.1
CVE-2024-53931 WRITEUP CRITICAL WRITEUP
com.glitter.caller.screen <1.1 - RCE
The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.glitter.caller.screen.DialerActivity component.
CVSS 9.1
CVE-2024-53932 WRITEUP CRITICAL WRITEUP
Color Phone: Call Screen Theme <21.1.9 - RCE
The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme) application through 21.1.9 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.remi.colorphone.callscreen.calltheme.callerscreen.dialer.DialerActivity component.
CVSS 9.1
CVE-2024-53940 WRITEUP HIGH WRITEUP
Victure RX1800 WiFi 6 Router - Command Injection
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. Certain /cgi-bin/luci/admin endpoints are vulnerable to command injection. Attackers can exploit this by sending crafted payloads through parameters intended for the ping utility, enabling arbitrary command execution with root-level permissions on the device.
CVSS 8.8
CVE-2024-53941 WRITEUP HIGH WRITEUP
Victure RX1800 WiFi 6 Router EN_1.0.0_r12_110933 - Info Disclosure
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware 1.0) devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default Wi-Fi PSK value via the last 4 octets of the BSSID.
CVSS 8.8
CVE-2024-53944 WRITEUP CRITICAL WRITEUP
Tuoshi/Dionlink LT15D/LT21B - Command Injection
An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote attacker with network access can exploit a command injection vulnerability. The /goform/formJsonAjaxReq endpoint fails to sanitize shell metacharacters sent via JSON parameters, thus allowing attackers to execute arbitrary OS commands with root privileges.
CVSS 9.8
CVE-2024-53945 WRITEUP HIGH WRITEUP
KuWFi 4G AC900 LTE router 1.0.13 - Command Injection
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet).
CVSS 8.8
CVE-2025-54598 WRITEUP MEDIUM WRITEUP
Bevy < 2025-06-24 - CSRF
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.
CVSS 6.5
CVE-2025-68707 WRITEUP HIGH WRITEUP
Tongyu AX1800 Wi-Fi 6 Router 1.0.0 - Auth Bypass
An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attackers to perform arbitrary configuration changes without providing credentials, as long as a valid admin session is active. This can result in full compromise of the device (i.e., via unauthenticated access to /boaform/formSaveConfig and /boaform/admin endpoints).
CVSS 8.8