neonsea

3 exploits Active since Jan 2018
CVE-2018-14533 EXPLOITDB HIGH python WORKING POC
Inteno IOPSYS - Privilege Escalation
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.
CVSS 7.8
CVE-2018-10123 EXPLOITDB HIGH python WORKING POC
p910nd - Inteno IOPSYS 2.0-4.2.0 - Info Disclosure
p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100.
CVSS 8.8
CVE-2017-17867 EXPLOITDB HIGH python WORKING POC
Intenogroup Iopsys < 3.14 - Incorrect Permission Assignment
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.
CVSS 8.8