Ke Xu

7 exploits Active since Jun 2024
CVE-2024-37661 WRITEUP MEDIUM WRITEUP
Tp-link Tl-7dr5130 Firmware - Origin Validation Error
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.
CVSS 6.3
CVE-2024-37662 WRITEUP MEDIUM WRITEUP
Tp-link Tl-7dr5130 Firmware - Denial of Service
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.
CVSS 6.3
CVE-2024-37663 WRITEUP MEDIUM WRITEUP
Redmi Router RB03 <1.0.57 - SSRF
Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.
CVSS 4.1
CVE-2024-37664 WRITEUP MEDIUM WRITEUP
Redmi Ax6s Firmware - Denial of Service
Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.
CVSS 5.2
CVE-2024-57412 WRITEUP HIGH WRITEUP
SunOS Omnios <5.11 - DoS
An issue in SunOS Omnios v5.11 allows attackers to cause a Denial of Service (DoS) via repeatedly sending crafted TCP packets.
CVSS 7.5
CVE-2025-56233 WRITEUP HIGH WRITEUP
Openindiana kernel SunOS 5.11 - DoS
Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within the current receive window, which violates RFC5961. This flaw allows attackers to send multiple random TCP RST/SYN packets to hit the acceptable range of sequence numbers, thereby interrupting normal connections and causing a denial of service attack.
CVSS 7.5
CVE-2025-56234 WRITEUP HIGH WRITEUP
AT_NA2000 - DoS
AT_NA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC AT_NA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within the current receive window, which violates RFC5961. This flaw allows attackers to send multiple random TCP RST packets to hit the acceptable range of sequence numbers, thereby interrupting normal connections and causing a denial-of-service attack.
CVSS 7.5