HadiMed

4 exploits Active since Aug 2021
CVE-2022-25943 NOMISEC HIGH WORKING POC
WPS Office < 11.2.0.10258 - Incorrect Default Permissions in Service Directory
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed.
58 stars
CVSS 7.8
CVE-2021-3707 NOMISEC MEDIUM WORKING POC
D-Link router DSL-2750U <vME1.16 - RCE
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
21 stars
CVSS 5.5
CVE-2021-3707 WRITEUP MEDIUM WRITEUP
D-Link router DSL-2750U <vME1.16 - RCE
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to unauthorized configuration modification. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3708, to execute any OS commands on the vulnerable device.
CVSS 5.5
CVE-2021-3708 WRITEUP HIGH WRITEUP
D-Link router DSL-2750U <vME1.16 - Command Injection
D-Link router DSL-2750U with firmware vME1.16 or prior versions is vulnerable to OS command injection. An unauthenticated attacker on the local network may exploit this, with CVE-2021-3707, to execute any OS commands on the vulnerable device.
CVSS 7.8