Nicholas Starke

4 exploits Active since Oct 2013
CVE-2016-11021 EXPLOITDB HIGH ruby WORKING POC
D-Link DCS-930L Firmware < 2.12 - Remote Code Execution via SystemCommand Parameter
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
CVSS 7.2
CVE-2019-19494 METASPLOIT HIGH ruby WORKING POC
Broadcom based cable modems - Buffer Overflow
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.
CVSS 8.8
CVE-2013-2578 METASPLOIT ruby WORKING POC
TP-Link IP Cameras <LM.1.6.18P12_sign6 - RCE
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.
CVE-2016-11021 METASPLOIT HIGH ruby WORKING POC
D-Link DCS-930L Firmware < 2.12 - Remote Code Execution via SystemCommand Parameter
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter.
CVSS 7.2