Karn Ganeshen

54 exploits Active since Feb 2010
CVE-2010-0607 EXPLOITDB text WORKING POC
Sterlite SAM300 AX Router - Cross-Site Scripting via Stat_Radio Parameter
Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter.
EIP-2026-101408 EXPLOITDB text WRITEUP
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
EIP-2026-100767 EXPLOITDB text WORKING POC
Cambium ePMP 1000 - Multiple Vulnerabilities
CVE-2017-5255 EXPLOITDB HIGH ruby WORKING POC
Cambium Networks ePMP <3.5 - Command Injection
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-characters as part of a specially-crafted POST request to the get_chart function and run OS-level commands, effectively as root.
CVSS 8.8