dhammerg - Security Researcher - Exploit Intelligence Platform

CVE-2024-4040 NOMISEC CRITICAL WORKING POC

CrushFTP <10.7.1-11.1.0 - RCE

A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.

5 stars

CVSS 9.8

View Code

CVE-2023-3519 NOMISEC CRITICAL WORKING POC

Unspecified Product <Version> - RCE

Unauthenticated remote code execution

5 stars

CVSS 9.8

View Code

CVE-2023-33669 NOMISEC CRITICAL WORKING POC

Tenda AC8V4.0-V16.03.34.06 - Buffer Overflow

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.

2 stars

CVSS 9.8

View Code