Michael Messner

83 exploits Active since Mar 1998
CVE-2014-9727 METASPLOIT ruby WORKING POC
AVM Fritz!Box - RCE
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm.
CVE-2013-7389 METASPLOIT ruby WORKING POC
D-Link DIR-645 Router - XSS
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
CVE-2015-2797 METASPLOIT ruby WORKING POC
Airties Air Firmware < 1.0.2.0 - Memory Corruption
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
CVE-2014-8361 METASPLOIT CRITICAL ruby WORKING POC
Realtek SDK - RCE
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
CVSS 9.8
CVE-2014-100005 METASPLOIT HIGH ruby WORKING POC
Dlink Dir-600 Firmware < 2.16ww - CSRF
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management via a crafted configuration module to hedwig.cgi, (3) activate new configuration settings via a SETCFG,SAVE,ACTIVATE action to pigwidgeon.cgi, or (4) send a ping via a ping action to diagnostic.php.
CVSS 8.0
CVE-2014-1635 METASPLOIT ruby WORKING POC
Belkin N750 Router <F9K1103_WW_1.10.17m - Buffer Overflow
Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1.10.17m allows remote attackers to execute arbitrary code via a long string in the jump parameter.
CVE-2013-10049 METASPLOIT CRITICAL ruby WORKING POC
Raidsonic NAS - Command Injection
An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.
CVE-2025-34125 METASPLOIT CRITICAL ruby WORKING POC
D-Link DSP-W110A1 <1.05B01 - Command Injection
An unauthenticated command injection vulnerability exists in the cookie handling process of the lighttpd web server on D-Link DSP-W110A1 firmware version 1.05B01. This occurs when specially crafted cookie values are processed, allowing remote attackers to execute arbitrary commands on the underlying Linux operating system. Successful exploitation enables full system compromise.
EIP-2026-114782 EXPLOITDB ruby WORKING POC
D-Link Devices - UPnP SOAP TelnetD Command Execution (Metasploit)
CVE-2014-8361 EXPLOITDB CRITICAL ruby WORKING POC
Realtek SDK - RCE
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
CVSS 9.8
CVE-2015-1187 EXPLOITDB CRITICAL ruby WORKING POC
D-Link Routers - Remote Code Execution via ping.ccp
The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary code via the ping_addr parameter to ping.ccp.
CVSS 9.8
CVE-2013-3307 EXPLOITDB HIGH text WORKING POC
Linksys E1000/E1200/E3200 - Command Injection
Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 allow OS command injection via shell metacharacters in the apply.cgi ping_ip parameter on TCP port 52000.
CVSS 8.3
CVE-2013-2679 EXPLOITDB MEDIUM text WORKING POC
Cisco Linksys E4200 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.
CVSS 6.1
CVE-2013-2678 EXPLOITDB HIGH text WORKING POC
Cisco Linksys E4200 1.0.05 - Code Injection
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.
CVSS 8.1
EIP-2026-101836 EXPLOITDB text WORKING POC
Linksys WAG200G - Multiple Vulnerabilities
CVE-2013-2678 EXPLOITDB HIGH text WORKING POC
Cisco Linksys E4200 1.0.05 - Code Injection
Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter.
CVSS 8.1
EIP-2026-101689 EXPLOITDB text WRITEUP
Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities
EIP-2026-101649 EXPLOITDB text WRITEUP
D-Link DSL-320B - Multiple Vulnerabilities
EIP-2026-101630 EXPLOITDB text WRITEUP
D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities
EIP-2026-101613 EXPLOITDB text WRITEUP
D-Link - Multiple Vulnerabilities
EIP-2026-101614 EXPLOITDB text WRITEUP
D-Link - OS-Command Injection via UPnP Interface
CVE-2012-6276 EXPLOITDB text WRITEUP
Tp-link Tl-wr841n Firmware - Path Traversal
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
EIP-2026-101905 EXPLOITDB text WRITEUP
OpenPLI 3.0 Beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities
EIP-2026-101215 EXPLOITDB ruby WORKING POC
D-Link Devices - 'Authentication.cgi' Remote Buffer Overflow (Metasploit)
EIP-2026-101351 EXPLOITDB ruby WORKING POC
Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)