fj016

2 exploits Active since Nov 2024

CVE-2024-41992 NOMISEC HIGH WORKING POC

Wi-Fi Alliance wfa_dut <9.0.0 - Command Injection

Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802.11x frames because the system() library function is used. For example, on Arcadyan FMIMG51AX000J devices, this leads to wfaTGSendPing remote code execution as root via traffic to TCP port 8000 or 8080 on a LAN interface. On other devices, this may be exploitable over a WAN interface.

3 stars

CVSS 8.8

View Code

CVE-2026-40624 WRITEUP CRITICAL WRITEUP

AVer PTC cameras Files or Directories Accessible to External Parties

Improper input validation in AVer PTC500S, PTC115, PTC500+, and PTC115+ cameras may allow a remote, unauthenticated attacker to achieve arbitrary code execution via a specially crafted web request.

CVSS 9.8

View Code