Guy Levin - Security Researcher - Exploit Intelligence Platform

CVE-2021-27342 NOMISEC MEDIUM WORKING POC

D-Link Router DIR-842 v3.0.2 - Auth Bypass

An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack

14 stars

CVSS 5.9

View Code

CVE-2019-12181 NOMISEC HIGH WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

8 stars

CVSS 8.8

View Code

CVE-2019-17424 NOMISEC HIGH WORKING POC

nipper-ng 0.11.10 - Remote Code Execution or Denial of Service via Crafted Firewall Configuration File

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

5 stars

CVSS 7.8

View Code

CVE-2021-27342 WRITEUP MEDIUM WORKING POC

D-Link Router DIR-842 v3.0.2 - Auth Bypass

An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack

CVSS 5.9

View Code

CVE-2019-12181 INTHEWILD HIGH WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

CVSS 8.8

View Code

CVE-2021-27342 INTHEWILD MEDIUM WORKING POC

D-Link Router DIR-842 v3.0.2 - Auth Bypass

An authentication brute-force protection mechanism bypass in telnetd in D-Link Router model DIR-842 firmware version 3.0.2 allows a remote attacker to circumvent the anti-brute-force cool-down delay period via a timing-based side-channel attack

CVSS 5.9

View Code

CVE-2019-17424 INTHEWILD HIGH WORKING POC

nipper-ng 0.11.10 - Remote Code Execution or Denial of Service via Crafted Firewall Configuration File

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

CVSS 7.8

View Code

CVE-2019-12181 METASPLOIT HIGH ruby WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

CVSS 8.8

View Code

CVE-2019-12181 EXPLOITDB HIGH bash WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

CVSS 8.8

View Code

CVE-2019-17424 EXPLOITDB HIGH python WORKING POC

nipper-ng 0.11.10 - Remote Code Execution or Denial of Service via Crafted Firewall Configuration File

A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.

CVSS 7.8

View Code

CVE-2019-12181 EXPLOITDB HIGH c WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

CVSS 8.8

View Code

CVE-2019-12181 EXPLOITDB HIGH ruby WORKING POC

Serv-U FTP Server prepareinstallation Privilege Escalation

A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.

CVSS 8.8

View Code