Facundo Pantaleo

4 exploits Active since Mar 2014
CVE-2013-4980 EXPLOITDB WORKING POC
AVTECH AVN801 DVR <1017-1003-1009-1003 - Buffer Overflow
Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.
CVE-2013-4981 EXPLOITDB WORKING POC
AVTECH AVN801 DVR <1017-1003-1009-1003 - Buffer Overflow
Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.
CVE-2014-8387 EXPLOITDB text WORKING POC
Advantech EKI-6340 2.05 - Authenticated OS Command Injection via pinghost Parameter
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated users to execute arbitrary commands via shell metacharacters in the pinghost parameter to ping.cgi.
CVE-2013-4982 EXPLOITDB CRITICAL text WORKING POC
AVTECH AVN801 DVR Firmware - Authentication Bypass via Captcha
AVTECH AVN801 DVR has a security bypass via the administration login captcha
CVSS 9.8