Miguel Mendez Z. (s1kr10s)

3 exploits Active since Jan 2020
CVE-2023-33625 METASPLOIT CRITICAL ruby WORKING POC
D-Link DIR-600 <2.18 - Command Injection
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function.
CVSS 9.8
CVE-2019-20215 METASPLOIT CRITICAL ruby WORKING POC
D-Link DIR-859 1.05 and 1.06B01 - Unauthenticated OS Command Injection via M-SEARCH Method
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
CVSS 9.8
CVE-2020-15893 METASPLOIT CRITICAL ruby WORKING POC
D-Link DIR-816L Firmware 2.x - OS Command Injection via UPnP SSDP M-SEARCH ST Field
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover packet.
CVSS 9.8