exploitwritter

6 exploits Active since Apr 2009
CVE-2022-29337 NOMISEC CRITICAL WORKING POC
C-DATA FD702XW-X-R430 v2.1.13_X001 - Command Injection
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.
3 stars
CVSS 9.8
CVE-2022-25061 NOMISEC CRITICAL WORKING POC
TP-LINK TL-WR840N(ES)_V6.20_180709 - OS Command Injection via oal_setIp6DefaultRoute
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
2 stars
CVSS 9.8
CVE-2022-25060 NOMISEC CRITICAL WORKING POC
TP-LINK TL-WR840N(ES)_V6.20_180709 - OS Command Injection via oal_startPing
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
CVSS 9.8
CVE-2022-25062 NOMISEC HIGH WORKING POC
TP-LINK TL-WR840N(ES)_V6.20_180709 - Denial of Service via Integer Overflow in dm_checkString
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS 7.5
CVE-2022-25064 NOMISEC CRITICAL WORKING POC
TP-LINK TL-WR840N(ES)_V6.20_180709 - Remote Code Execution via oal_wan6_setIpAddr Function
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.
CVSS 9.8
CVE-2009-1330 NOMISEC WORKING POC
Easy RM to MP3 Converter - Stack-based Buffer Overflow via Long Filename in Playlist File
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.