psytester

7 exploits Active since Aug 2019
CVE-2019-13030 WRITEUP HIGH WRITEUP
eQ-3 Homematic CCU3 - Info Disclosure
eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prior to 2.4.5 allows uncontrolled admin access to start or stop the Node.js process, resulting in the ability to obtain mediola configuration details. This is related to improper access control for addons configuration pages and a missing check in rc.d/97NeoServer.
CVSS 8.2
CVE-2019-9582 WRITEUP HIGH WRITEUP
eQ-3 Homematic CCU2 < - DoS
Outdated base software packages in eQ-3 Homematic CCU2 allow Denial of Service. CCU2 affected versions: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15.
CVSS 7.5
CVE-2019-9583 WRITEUP HIGH WRITEUP
eQ-3 Homematic CCU2/CCU3 - DoS
eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This allows a Denial of Service and is a starting point for other attacks. Affected versions for CCU2: 2.35.16, 2.41.5, 2.41.8, 2.41.9, 2.45.6, 2.45.7, 2.47.10, 2.47.12, 2.47.15. Affected versions for CCU3: 3.41.11, 3.43.16, 3.45.5, 3.45.7, 3.47.10, 3.47.15.
CVSS 8.2
CVE-2019-9584 WRITEUP CRITICAL WRITEUP
eQ-3 Homematic AddOn 'CloudMatic' - Privilege Escalation
eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled admin access, resulting in the ability to obtain VPN profile details, shut down the VPN service, and delete the VPN service configuration. This is related to improper access control for all /addons/mh/ pages.
CVSS 9.8
CVE-2019-9585 WRITEUP CRITICAL WRITEUP
eQ-3 Homematic CCU2 <2.47.10 & CCU3 <3.47.10 - Info Disclosure
The JSON API of eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 has Improper Access Control for Interface.***Metadata related operations, resulting in the ability to read, set, and delete Metadata.
CVSS 9.8
CVE-2022-43571 METASPLOIT HIGH ruby WORKING POC
Authenticated RCE in Splunk (SimpleXML dashboard PDF generation)
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through the dashboard PDF generation component.
CVSS 8.8
CVE-2024-36985 METASPLOIT HIGH ruby WORKING POC
Authenticated RCE in Splunk (splunk_archiver app)
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver” application.
CVSS 8.8