Quentin Kaiser

16 exploits Active since Jan 2017
CVE-2020-8956 METASPLOIT LOW ruby WORKING POC
Pulse Secure Desktop Client <9.0R5, <9.1R4 - Info Disclosure
Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled.
CVSS 3.3
CVE-2022-4572 WRITEUP MEDIUM WRITEUP
UBI Reader < 0.8.0 - Path Traversal in UBIFS File Handler
A vulnerability, which was classified as problematic, has been found in UBI Reader up to 0.8.0. Affected by this issue is the function ubireader_extract_files of the file ubireader/ubifs/output.py of the component UBIFS File Handler. The manipulation leads to path traversal. The attack may be launched remotely. Upgrading to version 0.8.5 is able to address this issue. The name of the patch is d5d68e6b1b9f7070c29df5f67fc060f579ae9139. It is recommended to upgrade the affected component. VDB-216146 is the identifier assigned to this vulnerability.
CVSS 5.4
CVE-2022-4885 WRITEUP MEDIUM WRITEUP
sviehb jefferson <0.4 - Path Traversal
A vulnerability has been found in sviehb jefferson up to 0.3 and classified as critical. This vulnerability affects unknown code of the file src/scripts/jefferson. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.4 is able to address this issue. The name of the patch is 53b3f2fc34af0bb32afbcee29d18213e61471d87. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218020.
CVSS 5.0
CVE-2019-16278 METASPLOIT CRITICAL ruby WORKING POC
nostromo_nhttpd <= 1.9.6 - Remote Code Execution via Directory Traversal in http_verify
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
CVSS 9.8
CVE-2017-16709 METASPLOIT HIGH ruby WORKING POC
Crestron Airmedia <1.6.0, <2.7.0 - RCE
Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.
CVSS 7.2
CVE-2019-1663 METASPLOIT CRITICAL ruby WORKING POC
Cisco RV110W RV130W RV215W - Unauthenticated Remote Code Execution via Web Management Interface
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
CVSS 9.8
CVE-2016-6267 METASPLOIT HIGH ruby WORKING POC
Trend Micro Smart Protection Server <3.0.1330 - Command Injection
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php.
CVSS 8.8
CVE-2019-16278 EXPLOITDB CRITICAL ruby WORKING POC
nostromo_nhttpd <= 1.9.6 - Remote Code Execution via Directory Traversal in http_verify
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
CVSS 9.8
EIP-2026-103896 EXPLOITDB ruby WORKING POC
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)
CVE-2017-16709 EXPLOITDB HIGH ruby WORKING POC
Crestron Airmedia <1.6.0, <2.7.0 - RCE
Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.
CVSS 7.2
EIP-2026-103136 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
EIP-2026-103135 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
EIP-2026-103134 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
EIP-2026-103133 EXPLOITDB ruby WORKING POC
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
CVE-2019-1663 EXPLOITDB CRITICAL ruby WORKING POC
Cisco RV110W RV130W RV215W - Unauthenticated Remote Code Execution via Web Management Interface
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
CVSS 9.8
CVE-2019-1663 EXPLOITDB CRITICAL ruby WORKING POC
Cisco RV110W RV130W RV215W - Unauthenticated Remote Code Execution via Web Management Interface
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
CVSS 9.8