Fernandez Ezequiel

11 exploits Active since Jun 2017
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
554 stars
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
111 stars
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
4 stars
CVSS 9.8
CVE-2017-9097 NOMISEC CRITICAL WORKING POC
Anti-Web <3.8.7 - Path Traversal
In Anti-Web through 3.8.7, as used on NetBiter FGW200 devices through 3.21.2, WS100 devices through 3.30.5, EC150 devices through 1.40.0, WS200 devices through 3.30.4, EC250 devices through 1.40.0, and other products, an LFI vulnerability allows a remote attacker to read or modify files through a path traversal technique, as demonstrated by reading the password file, or using the template parameter to cgi-bin/write.cgi to write to an arbitrary file.
3 stars
CVSS 9.1
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
2 stars
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
1 stars
CVSS 9.8
CVE-2018-9995 GITLAB CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
CVSS 9.8
CVE-2018-9995 NOMISEC CRITICAL WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
CVSS 9.8
CVE-2018-9995 EXPLOITDB CRITICAL python WORKING POC
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
CVSS 9.8