Jimson K James

2 exploits Active since Mar 2014
CVE-2013-6031 WRITEUP WORKING POC
Huawei E355 Firmware 21.157.37.01.910 - Unauthenticated Sensitive Information Disclosure via API
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitoring/status, or (6) api/dhcp/settings.
CVE-2013-6031 METASPLOIT ruby WORKING POC
Huawei E355 Firmware 21.157.37.01.910 - Unauthenticated Sensitive Information Disclosure via API
The Huawei E355 adapter with firmware 21.157.37.01.910 does not require authentication for API pages, which allows remote attackers to change passwords and settings, or obtain sensitive information, via a direct request to (1) api/wlan/security-settings, (2) api/device/information, (3) api/wlan/basic-settings, (4) api/wlan/mac-filter, (5) api/monitoring/status, or (6) api/dhcp/settings.