Squirre17

5 exploits Active since Feb 2019
CVE-2022-42703 NOMISEC MEDIUM WORKING POC
Linux Kernel < 5.19.7 - Use-After-Free in anon_vma Reuse
mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
4 stars
CVSS 5.5
CVE-2019-17621 NOMISEC CRITICAL WORKING POC
D-Link DIR-859 Firmware < 1.05b03 - Unauthenticated Remote Code Execution via UPnP gena.cgi
The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network.
3 stars
CVSS 9.8
CVE-2019-8985 NOMISEC CRITICAL WORKING POC
Netis WF2411 and WF2880 Firmware - Unauthenticated Stack-Based Buffer Overflow via HTTP Authorization Header
On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices (possibly WF2411 through WF2880), there is a stack-based buffer overflow that does not require authentication. This can cause denial of service (device restart) or remote code execution. This vulnerability can be triggered by a GET request with a long HTTP "Authorization: Basic" header that is mishandled by user_auth->user_ok in /bin/boa.
2 stars
CVSS 9.8
CVE-2022-34598 GITLAB CRITICAL WORKING POC
H3C Magic R100 V200R004 and V100R005 - Remote Code Execution via udpserver on Port 9034
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.
CVSS 9.8
CVE-2021-4034 VULNCHECK_XDB HIGH WORKING POC
Local Privilege Escalation in polkit's pkexec
A local privilege escalation vulnerability was found in polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends up trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way that it induces pkexec to execute arbitrary code. When successfully executed, the attack can cause a local privilege escalation, giving unprivileged users administrative rights on the target machine.
CVSS 7.8