Nassim Asrir

21 exploits, active since Mar 2017
CVE-2018-25159 EXPLOITDB CRITICAL python WORKING POC
Epross AVCON6 - Command Injection
Epross AVCON6 systems management platform contains an object-graph navigation language (OGNL) injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. Attackers can send crafted requests to the login.action endpoint with OGNL payloads in the redirect parameter to instantiate ProcessBuilder objects and execute system commands with root privileges.
CVSS 9.8
CVE-2019-14923 EXPLOITDB HIGH python WORKING POC
EyesOfNetwork - OS Command Injection
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
CVSS 8.8
CVE-2018-16752 EXPLOITDB HIGH python WORKING POC
LINK-NET LW-N605R - RCE
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.
CVSS 8.8
CVE-2017-18025 EXPLOITDB CRITICAL python WORKING POC
Innotube ITGuard-Manager - OS Command Injection
cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.
CVSS 9.8
CVE-2018-6911 EXPLOITDB CRITICAL html WORKING POC
Advantech Webaccess - OS Command Injection
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
CVSS 9.8
EIP-2026-117557 EXPLOITDB python WORKING POC
Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass)
CVE-2020-14425 EXPLOITDB HIGH WORKING POC
Foxit Reader <10.0 - RCE
Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavaScript API. An attacker can execute local files and bypass the security dialog.
CVSS 7.8
EIP-2026-115818 EXPLOITDB text WORKING POC
Microsoft Windows Speech Recognition - Buffer Overflow (PoC)
CVE-2019-6192 EXPLOITDB MEDIUM c WORKING POC
Lenovo Power Management Driver < 1.67.17.48 - Buffer Overflow
A potential vulnerability has been reported in Lenovo Power Management Driver versions prior to 1.67.17.48 leading to a buffer overflow which could cause a denial of service.
CVSS 4.4
CVE-2017-6880 EXPLOITDB CRITICAL text WORKING POC
Cerberus FTP Server <8.0.10.3 - Buffer Overflow
Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.
CVSS 9.8
EIP-2026-115149 EXPLOITDB text WRITEUP
Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow
CVE-2019-16701 EXPLOITDB HIGH python WORKING POC
pfSense <2.4.4-p3 - RCE
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
CVSS 8.8
EIP-2026-110304 EXPLOITDB text WRITEUP
Openexpert 0.5.17 - 'area_id' SQL Injection
EIP-2026-109672 EXPLOITDB text WRITEUP
My PHP Dating 2.0 - 'id' SQL Injection
CVE-2017-7874 EXPLOITDB c WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
EIP-2026-102715 EXPLOITDB text WORKING POC
pinfo 0.6.9 - Local Buffer Overflow (PoC)
EIP-2026-102761 EXPLOITDB text WORKING POC
wifirxpower - Local Buffer Overflow (PoC)
EIP-2026-102731 EXPLOITDB text WORKING POC
reiserfstune 3.6.25 - Local Buffer Overflow
EIP-2026-101591 EXPLOITDB text WORKING POC
Cisco SA520W Security Appliance - Path Traversal
EIP-2026-101803 EXPLOITDB text WRITEUP
Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration Management
CVE-2017-11165 EXPLOITDB CRITICAL text WORKING POC
dataTaker DT80 dEX Firmware - Information Disclosure
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI.
CVSS 9.8