hkm

12 exploits Active since Aug 2007
CVE-2007-4387 METASPLOIT ruby WORKING POC
2wire 1701HG and 2071 Gateway Routers - Cross-Site Request Forgery in /xslt
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG and 2071 Gateway routers, with 3.17.5 and 5.29.51 software, allows remote attackers to perform certain configuration changes as administrators.
EIP-2026-104830 EXPLOITDB text WRITEUP
2WIRE Gateway - Authentication Bypass / Password Reset (2)
EIP-2026-101786 EXPLOITDB text WORKING POC
Huawei HG866 - Authentication Bypass
EIP-2026-101142 EXPLOITDB text WORKING POC
2WIRE Routers - 'CD35_SETUP_01' Access Validation
CVE-2007-4389 EXPLOITDB text WORKING POC
2wire 1701HG, 1800HW, and 2071 Gateway Routers - Cross-Site Request Forgery via NAME and ADDR Parameters
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
EIP-2026-101307 EXPLOITDB text WRITEUP
Huawei EchoLife HG520 3.10.18.5-1.0.5.0 - Remote Information Disclosure
CVE-2008-6916 EXPLOITDB text WORKING POC
Siemens SpeedStream 5200 with NetPort Software 1.1 - Authentication Bypass via Invalid Host Header
Siemens SpeedStream 5200 with NetPort Software 1.1 allows remote attackers to bypass authentication via an invalid Host header, possibly involving a trailing dot in the hostname.
EIP-2026-101306 EXPLOITDB text WORKING POC
Huawei EchoLife HG520 - Remote Information Disclosure
EIP-2026-101023 EXPLOITDB text WORKING POC
Huawei EchoLife HG520c - Modem Reset (Denial of Service)
EIP-2026-101141 EXPLOITDB text WORKING POC
2WIRE Gateway - Authentication Bypass / Password Reset (1)
CVE-2008-6605 EXPLOITDB text WORKING POC
2wire 1701HG 1800HW 2071HG 2700HG - Cross-Site Request Forgery via XSLT Script
Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character.
EIP-2026-100973 EXPLOITDB python WORKING POC
2WIRE Router 5.29.52 - Remote Denial of Service