Jacob Baines

35 exploits Active since Jul 2016
CVE-2019-3929 EXPLOITDB CRITICAL text WORKING POC
Crestron Am-100 Firmware < 2.4.1.19 - OS Command Injection
The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
CVSS 9.8
CVE-2021-20034 EXPLOITDB CRITICAL text WORKING POC
Sonicwall Sma 200 Firmware < 9.0.0.10-28sv - Improper Access Control
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings.
CVSS 9.1
CVE-2020-3161 EXPLOITDB CRITICAL text WORKING POC
Cisco IP Phones - RCE/DoS
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
CVSS 9.8
EIP-2026-101392 EXPLOITDB python WORKING POC
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
CVE-2019-3924 EXPLOITDB HIGH text WORKING POC
MikroTik RouterOS <6.43.12-6.42.12 - RCE
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.
CVSS 7.5
CVE-2019-3978 EXPLOITDB HIGH c++ WORKING POC
Mikrotik Routeros < 6.44.5 - Missing Authentication
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning
CVSS 7.5
CVE-2018-14847 EXPLOITDB CRITICAL c++ WORKING POC
MikroTik RouterOS <6.42 - Path Traversal
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVSS 9.1
CVE-2013-4863 EXPLOITDB HIGH html WORKING POC
MiCasaVerde VeraLite <1.5.408 - RCE
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag.
CVSS 8.8
CVE-2017-2741 EXPLOITDB CRITICAL python WORKING POC
HP PageWide/OfficeJet Pro <1708D - RCE
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.
CVSS 9.8
CVE-2020-5735 EXPLOITDB HIGH python WORKING POC
Amcrest - Buffer Overflow
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
CVSS 8.8