Michael Messner

83 exploits Active since Mar 1998
EIP-2026-101347 EXPLOITDB ruby WORKING POC
Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)
EIP-2026-101286 EXPLOITDB ruby WORKING POC
Fritz!Box Webcm - Command Injection (Metasploit)
CVE-2014-3936 EXPLOITDB ruby WORKING POC
D-Link DSP-W215 <1.01b06 - Buffer Overflow
Stack-based buffer overflow in the do_hnap function in www/my_cgi.cgi in D-Link DSP-W215 (Rev. A1) with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in a GetDeviceSettings action in an HNAP request.
EIP-2026-101231 EXPLOITDB ruby WORKING POC
D-Link DIR-645 / DIR-815 - 'diagnostic.php' Command Execution (Metasploit)
EIP-2026-101221 EXPLOITDB ruby WORKING POC
D-Link Devices - UPnP M-SEARCH Multicast Command Injection (Metasploit)
CVE-2015-2051 EXPLOITDB HIGH ruby WORKING POC
Dlink Dir-645 Firmware < 1.05b01 - Command Injection
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.
CVSS 8.8
EIP-2026-101217 EXPLOITDB ruby WORKING POC
D-Link Devices - 'hedwig.cgi' Remote Buffer Overflow in Cookie Header (Metasploit)
CVE-2015-2797 EXPLOITDB ruby WORKING POC
Airties Air Firmware < 1.0.2.0 - Memory Corruption
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.