Thurein Soe

5 exploits Active since Jun 2022
CVE-2022-28171 NOMISEC HIGH WORKING POC
Hikvision Hybrid SAN/Cluster Storage Firmware < 2.3.8-6 - OS Command Injection
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
4 stars
CVSS 7.5
CVE-2023-27010 EXPLOITDB HIGH text WORKING POC
Wondershare Dr.Fone <12.9.6 - Privilege Escalation
Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.
CVSS 7.8
CVE-2023-31748 EXPLOITDB HIGH text WRITEUP
MobileTrans <4.0.11 - Privilege Escalation
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file.
CVSS 7.8
CVE-2023-31747 EXPLOITDB HIGH text WRITEUP
Wondershare Filmora <12.2.1.2088 - Privilege Escalation
Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
CVSS 7.8
CVE-2022-28171 EXPLOITDB HIGH python WORKING POC
Hikvision Hybrid SAN/Cluster Storage Firmware < 2.3.8-6 - OS Command Injection
The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the insufficient input validation, attacker can exploit the vulnerability to execute restricted commands by sending messages with malicious commands to the affected device.
CVSS 7.5