John Jackson

5 exploits Active since Sep 2021
CVE-2022-27226 NOMISEC HIGH WORKING POC
IRZ Ru21 Firmware < 2022-03-16 - CSRF
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router's default credentials aren't rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction.
15 stars
CVSS 8.8
CVE-2021-40875 NOMISEC HIGH WORKING POC
Gurock TestRail <7.2.0.3014 - Info Disclosure
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data.
8 stars
CVSS 7.5
CVE-2021-43032 NOMISEC MEDIUM WRITEUP
XenForo <2.2.7 - XSS
In XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.
2 stars
CVSS 4.8
CVE-2021-33318 WRITEUP CRITICAL WRITEUP
Joel Christner .NET C# packages - Input Validation Vulnerability
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.
CVSS 9.8
CVE-2022-27226 EXPLOITDB HIGH python WORKING POC
IRZ Ru21 Firmware < 2022-03-16 - CSRF
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router's default credentials aren't rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction.
CVSS 8.8