Shellpei

5 exploits Active since Feb 2023
CVE-2023-23064 WRITEUP CRITICAL WRITEUP
Totolink A720r Firmware - Incorrect Authorization
TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.
CVSS 9.8
CVE-2023-29707 WRITEUP MEDIUM SUSPICIOUS
Gbcom Lac Web Control Center - XSS
Cross Site Scripting (XSS) vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device.
CVSS 4.8
CVE-2023-29708 WRITEUP HIGH WRITEUP
Wavlink Wavrouter App - Incorrect Authorization
An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload.
CVSS 7.5
CVE-2023-29709 WRITEUP HIGH WRITEUP
Wildix WSG24POE <103SP7D190822 - Auth Bypass
An issue was discovered in /cgi-bin/login_rj.cgi in Wildix WSG24POE version 103SP7D190822, allows attackers to bypass authentication.
CVSS 7.5
CVE-2023-29711 WRITEUP CRITICAL WRITEUP
Interlink Psg-5124 Firmware - Origin Validation Error
An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET request.
CVSS 9.8