Michael Messner

85 exploits Active since Mar 1998
EIP-2026-101215 EXPLOITDB ruby WORKING POC
D-Link Devices - 'Authentication.cgi' Remote Buffer Overflow (Metasploit)
EIP-2026-101351 EXPLOITDB ruby WORKING POC
Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)
EIP-2026-101347 EXPLOITDB ruby WORKING POC
Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)
EIP-2026-101286 EXPLOITDB ruby WORKING POC
Fritz!Box Webcm - Command Injection (Metasploit)
CVE-2014-3936 EXPLOITDB ruby WORKING POC
D-Link DSP-W215 <1.01b06 - Buffer Overflow
Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in a GetDeviceSettings action in an HNAP request.
EIP-2026-101231 EXPLOITDB ruby WORKING POC
D-Link DIR-645 / DIR-815 - 'diagnostic.php' Command Execution (Metasploit)
EIP-2026-101221 EXPLOITDB ruby WORKING POC
D-Link Devices - UPnP M-SEARCH Multicast Command Injection (Metasploit)
CVE-2015-2051 EXPLOITDB HIGH ruby WORKING POC
D-Link DIR-645 Firmware < 1.05b01 - Remote Code Execution via HNAP GetDeviceSettings Action
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
CVSS 8.8
EIP-2026-101217 EXPLOITDB ruby WORKING POC
D-Link Devices - 'hedwig.cgi' Remote Buffer Overflow in Cookie Header (Metasploit)
CVE-2015-2797 EXPLOITDB ruby WORKING POC
AirTies Air Firmware < 1.0.2.0 - Remote Code Execution via Long Redirect Parameter
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.