Kevin Randall

15 exploits Active since Mar 2018
CVE-2019-25614 EXPLOITDB CRITICAL python WORKING POC
Free Float FTP 1.0 STOR Command Remote Buffer Overflow
Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command handler that allows remote attackers to execute arbitrary code by sending a crafted STOR request with an oversized payload. Attackers can authenticate with anonymous credentials and send a malicious STOR command containing 247 bytes of padding followed by a return address and shellcode to trigger code execution on the FTP server.
CVSS 9.8
CVE-2019-25604 EXPLOITDB HIGH python WORKING POC
DVDXPlayer Pro 5.5 Local Buffer Overflow with SEH
DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges.
CVSS 8.4
CVE-2022-29014 EXPLOITDB HIGH text WORKING POC
Razer Sila Gaming Router <2.0.441_api-2.0.418 - Info Disclosure
A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files.
CVSS 7.5
CVE-2022-29013 EXPLOITDB CRITICAL text WORKING POC
Razer Sila Gaming Router <v2.0.441_api-2.0.418 - Command Injection
A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request.
CVSS 9.8
CVE-2019-10009 EXPLOITDB MEDIUM text WORKING POC
Titan FTP Server 2019 Build 3505 - Path Traversal
A Directory Traversal issue was discovered in the Web GUI in Titan FTP Server 2019 Build 3505. When an authenticated user attempts to preview an uploaded file (through PreviewHandler.ashx) by using a \..\..\ technique, arbitrary files can be loaded in the server response outside the root directory.
CVSS 6.5
EIP-2026-118391 EXPLOITDB text WORKING POC
CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)
EIP-2026-118390 EXPLOITDB text WORKING POC
CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)
EIP-2026-118578 EXPLOITDB python WORKING POC
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
EIP-2026-118579 EXPLOITDB python WORKING POC
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
CVE-2019-9648 EXPLOITDB MEDIUM text WORKING POC
Core FTP <2.0 Build 674 - Path Traversal
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned information.
CVSS 5.3
CVE-2019-9649 EXPLOITDB MEDIUM text WORKING POC
Core FTP <2.0 Build 674 - Info Disclosure
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal technique (..\..\) to browse outside the root directory to determine the existence of a file on the operating system, and its last modified date.
CVSS 5.3
CVE-2018-12710 EXPLOITDB HIGH text WORKING POC
D-Link DIR-601 2.02NA - Info Disclosure
An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only "User" account (which is a low privilege account) access, an attacker can intercept the response from a POST request to obtain "Admin" rights due to the admin password being displayed in XML.
CVSS 8.0
EIP-2026-101866 EXPLOITDB python WORKING POC
Netgear R6400 - Remote Code Execution
CVE-2018-5708 EXPLOITDB HIGH text WORKING POC
D-Link DIR-601 B1 2.02NA - Info Disclosure
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML.
CVSS 8.0
CVE-2019-16758 EXPLOITDB HIGH text WORKING POC
Lexmark Services Monitor <2.27.4.0.39 - Path Traversal
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
CVSS 7.5