k4nfr3

2 exploits Active since Jun 2019

CVE-2024-9474 NOMISEC HIGH WORKING POC

PAN-OS >=10.1.0 <10.1.14 - Authenticated Privilege Escalation to Root via Management Interface

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

9 stars

CVSS 7.2

View Code

CVE-2018-13379 NOMISEC CRITICAL WORKING POC

FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.

6 stars

CVSS 9.1

View Code