Samir Sanchez Garnica

7 exploits Active since Feb 2022
CVE-2022-25064 NOMISEC CRITICAL WORKING POC
Tp-link Tl-wr840n Firmware - OS Command Injection
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.
21 stars
CVSS 9.8
CVE-2022-29337 NOMISEC CRITICAL WORKING POC
C-DATA FD702XW-X-R430 v2.1.13_X001 - Command Injection
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.
3 stars
CVSS 9.8
CVE-2022-25061 NOMISEC CRITICAL WORKING POC
Tp-link Tl-wr840n Firmware - OS Command Injection
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
2 stars
CVSS 9.8
CVE-2022-25064 NOMISEC CRITICAL WORKING POC
Tp-link Tl-wr840n Firmware - OS Command Injection
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.
CVSS 9.8
CVE-2022-25062 NOMISEC HIGH WORKING POC
Tp-link Tl-wr840n Firmware - Integer Overflow
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS 7.5
CVE-2022-25060 NOMISEC CRITICAL WORKING POC
Tp-link Tl-wr840n Firmware - OS Command Injection
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
CVSS 9.8
CVE-2019-25357 EXPLOITDB HIGH python WORKING POC
Control Center PRO 6.2.9 - Buffer Overflow
Control Center PRO 6.2.9 contains a stack-based buffer overflow vulnerability in the user creation module's username field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious payload exceeding 664 bytes to inject shellcode and potentially execute arbitrary code on vulnerable Windows systems.
CVSS 8.4