Quadron Research Lab

4 exploits, active since Jan 2021
CVE-2021-47789 EXPLOITDB HIGH python WORKING POC
Yenkee Yms 3029 Firmware - Out-of-Bounds Write
Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoControl to trigger a kernel-level system crash.
CVSS 7.5
CVE-2021-47786 EXPLOITDB HIGH python WORKING POC
Redragon M725-lit Firmware - Out-of-Bounds Write
Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. Attackers can send a crafted 2000-byte buffer with specific byte patterns to the REDRAGON_MOUSE device to crash the kernel driver.
CVSS 7.5
CVE-2021-47732 EXPLOITDB MEDIUM text WRITEUP
Cmsimple - XSS
CMSimple 5.2 contains a stored cross-site scripting vulnerability in the Filebrowser External input field that allows attackers to inject malicious JavaScript. Attackers can place unfiltered JavaScript code that executes when users click on Page or Files tabs, enabling persistent script injection.
CVSS 6.1
CVE-2021-3111 EXPLOITDB MEDIUM text WRITEUP
Concretecms Concrete Cms < 8.5.5 - XSS
The Express Entries Dashboard in Concrete5 8.5.4 allows stored XSS via the name field of a new data object at an index.php/dashboard/express/entries/view/ URI.
CVSS 4.8