Gregor Kopf

3 exploits Active since Oct 2010
CVE-2010-3714 METASPLOIT ruby WORKING POC
TYPO3 4.2.0-4.2.14, 4.3.0-4.3.6, 4.4.0-4.4.3 - Unauthenticated Arbitrary File Read via jumpUrl Hash Comparison
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2018-7300 EXPLOITDB CRITICAL ruby WORKING POC
Homematic CCU2 Firmware < 2.29.22 - Unauthenticated Path Traversal and Arbitrary File Write via User.setLanguage Method
Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
CVSS 9.8
CVE-2018-7297 EXPLOITDB CRITICAL ruby WORKING POC
Homematic CCU2 Firmware < 2.29.22 - Unauthenticated Remote Code Execution via TCL Script Interpreter
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
CVSS 9.8