Orwelllabs

11 exploits Active since Apr 2017
CVE-2015-8257 EXPLOITDB HIGH text WRITEUP
AXIS network cameras - Command Injection
The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.
CVSS 8.8
EIP-2026-101513 EXPLOITDB text WRITEUP
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
CVE-2015-8255 EXPLOITDB HIGH text WORKING POC
AXIS Communications Firmware - Cross-Site Request Forgery via admin/pwdgrp.cgi vaconfig.cgi and admin/local_del.cgi
AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.
CVSS 8.8
CVE-2015-8258 EXPLOITDB HIGH text WRITEUP
AXIS Communications <5.80.x - Code Injection
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."
CVSS 7.5
CVE-2015-8256 EXPLOITDB MEDIUM text WRITEUP
Axis Network Camera Firmware - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.
CVSS 6.1
EIP-2026-101816 EXPLOITDB text WRITEUP
JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities
EIP-2026-101922 EXPLOITDB text WRITEUP
PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities
EIP-2026-101928 EXPLOITDB text WRITEUP
PQI Air Pen Express 6W51-0000R2/6W51-0000R2XXX - Multiple Vulnerabilities
EIP-2026-102048 EXPLOITDB python WORKING POC
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
EIP-2026-101571 EXPLOITDB text WRITEUP
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
EIP-2026-100852 EXPLOITDB text WRITEUP
Merit Lilin IP Cameras - Multiple Vulnerabilities