Marcin Kozlowski

12 exploits Active since Dec 2007
CVE-2017-1000251 NOMISEC HIGH WORKING POC
Linux Kernel 2.6.32-4.13.1 - Remote Code Execution via Bluetooth L2CAP Configuration Response
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
6 stars
CVSS 8.0
CVE-2023-37607 WRITEUP HIGH WRITEUP
Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Path Traversal via csvServer.php dir Parameter
Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter.
CVSS 7.5
CVE-2023-37608 WRITEUP HIGH WORKING POC
Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Use of Hard-coded Credentials
An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password.
CVSS 7.5
EIP-2026-119563 EXPLOITDB perl WORKING POC
3proxy 0.5.3g (Windows x86) - 'logurl()' Remote Buffer Overflow
CVE-2007-3039 EXPLOITDB c WORKING POC
Microsoft Message Queuing - Stack-based Buffer Overflow via RPC Opnum 0x06
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
EIP-2026-105318 EXPLOITDB text WRITEUP
Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin
EIP-2026-105317 EXPLOITDB text WORKING POC
Automatic-Systems SOC FL9600 FastLine - Directory Transversal
EIP-2026-102705 EXPLOITDB c WORKING POC
NTPd ntp-4.2.6p5 - 'ctl_putdata()' Buffer Overflow (PoC)
CVE-2017-1000251 EXPLOITDB HIGH text WORKING POC
Linux Kernel 2.6.32-4.13.1 - Remote Code Execution via Bluetooth L2CAP Configuration Response
The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.
CVSS 8.0
CVE-2019-2107 EXPLOITDB HIGH text WORKING POC
Android 7.0-9 - Out-of-bounds Write in ihevcd_parse_pps
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
CVSS 8.8
CVE-2017-0781 EXPLOITDB HIGH text WORKING POC
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Remote Code Execution in Bluetooth
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146105.
CVSS 8.8
CVE-2019-2107 EXPLOITDB HIGH text WRITEUP
Android 7.0-9 - Out-of-bounds Write in ihevcd_parse_pps
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
CVSS 8.8