Miguel Mendez Z.

CVE-2020-10181 WRITEUP CRITICAL WORKING POC

Sumavision Enhanced Multimedia Router Firmware 3.0.4.27 - Cross-Site Request Forgery via formEMR30

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.

CVSS 9.8

View Code

CVE-2019-17621 METASPLOIT CRITICAL ruby WORKING POC

D-Link DIR-859 Firmware < 1.05b03 - Unauthenticated Remote Code Execution via UPnP gena.cgi

The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.

CVSS 9.8

View Code

CVE-2019-5526 EXPLOITDB HIGH text WORKING POC

VMware Workstation 15.0.0-15.0.x - DLL Hijacking Privilege Escalation

VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a windows host where Workstation is installed.

CVSS 7.8

View Code

EIP-2026-100308 EXPLOITDB text WORKING POC

Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)

View Code