Efstratios Chatzoglou

6 exploits · Active since Nov 2021
CVE-2022-30592 NOMISEC CRITICAL WORKING POC
Litespeedtech Lsquic < 3.1.0 - NULL Pointer Dereference
liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.
79 stars
CVSS 9.8
CVE-2022-30591 NOMISEC HIGH WORKING POC
Quic-go < 0.27.0 - Denial of Service
quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_discoverer.go misparses the MTU Discovery service and consequently overflows the probe timer. NOTE: the vendor's position is that this behavior should not be listed as a vulnerability on the CVE List.
25 stars
CVSS 7.5
CVE-2022-41540 NOMISEC MEDIUM WORKING POC
TP-Link AX10v1 V1_211117 - Info Disclosure
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information.
17 stars
CVSS 5.9
CVE-2021-37910 NOMISEC LOW WORKING POC
ASUS routers - DoS
The Wi-Fi Protected Access protocol implementation (WPA2 and WPA3-SAE) in ASUS routers has an improper control of interaction frequency vulnerability. An unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames.
17 stars
CVSS 3.7
CVE-2021-41437 WRITEUP MEDIUM WORKING POC
Asus Rt-ax88u Firmware < 3.0.0.4.388.20558 - Injection
An HTTP response splitting attack in the web application of ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that, if visited by an authenticated victim, will give access to the cloud storage of the attacker.
CVSS 6.5
CVE-2022-41541 WRITEUP HIGH WORKING POC
TP-Link AX10v1 - Open Redirect
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to log in to the web application as an admin user.
CVSS 8.1