RySh

CVE-2014-0683 EXPLOITDB python WORKING POC

Cisco RV110W RV215W CVR100W - Authentication Replay Attack via Modified Request

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

View Code

CVE-2015-6396 EXPLOITDB HIGH python WORKING POC

Cisco RV110W, RV130W, and RV215W - OS Command Injection via CLI Command Parser

The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567.

CVSS 7.8

View Code