Jake Reynolds

9 exploits Active since Jun 2006
CVE-2013-3612 EXPLOITDB WORKING POC
Dahuasecurity Dvr0404hd-a - Credentials Management
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalone client, or (c) unknown other vectors.
CVE-2013-3613 EXPLOITDB WORKING POC
Dahuasecurity Dvr0404hd-a - Authentication Bypass
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
CVE-2013-3614 EXPLOITDB WORKING POC
Dahuasecurity Dvr0404hd-a - Access Control
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2013-3615 EXPLOITDB WORKING POC
Dahuasecurity Dvr0404hd-a - Credentials Management
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
CVE-2013-6117 METASPLOIT ruby WORKING POC
Dahuasecurity Dvr Firmware - Authentication Bypass
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
EIP-2026-101927 EXPLOITDB text WRITEUP
Polycom VVX-Series Business Media Phones - Directory Traversal
CVE-2013-6117 EXPLOITDB text WORKING POC
Dahuasecurity Dvr Firmware - Authentication Bypass
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.
CVE-2006-3109 EXPLOITDB text WORKING POC
Cisco CallManager <4.3 - XSS
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
CVE-2006-3109 EXPLOITDB text WORKING POC
Cisco CallManager <4.3 - XSS
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.