Yerodin Richards

6 exploits Active since Sep 2022
CVE-2022-45701 NOMISEC HIGH WORKING POC
Commscope Arris Tg2482a Firmware < 9.1.103 - Command Injection
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
7 stars
CVSS 8.8
CVE-2022-44149 NOMISEC HIGH WORKING POC
Nexxt Amp300 ARN02304U8 - RCE
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required
CVSS 8.8
CVE-2022-46080 NOMISEC CRITICAL WORKING POC
Nexxt Nebula 1200-AC <15.03.06.60 - Auth Bypass, Command Injection
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET.
CVSS 9.8
CVE-2022-45701 EXPLOITDB HIGH python WORKING POC
Commscope Arris Tg2482a Firmware < 9.1.103 - Command Injection
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
CVSS 8.8
CVE-2022-44149 EXPLOITDB HIGH python WORKING POC
Nexxt Amp300 ARN02304U8 - RCE
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required
CVSS 8.8
CVE-2022-37661 EXPLOITDB CRITICAL python WORKING POC
Adtran Sr510n Firmware - Remote Code Execution
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
CVSS 9.8