shekyan

4 exploits Active since Jun 2021
CVE-2021-33818 WRITEUP HIGH WORKING POC
UniFi Protect G3 FLEX Camera UVC.v4.30.0.67 - Denial of Service via Incomplete HTTP Request
An issue was discovered in UniFi Protect G3 FLEX Camera Version UVC.v4.30.0.67. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVSS 7.5
CVE-2021-33822 WRITEUP HIGH WORKING POC
4GEE ROUTER HH70VB Firmware HH70_E1_02.00_22 - Denial of Service via Incomplete HTTP Request
An issue was discovered on 4GEE ROUTER HH70VB Version HH70_E1_02.00_22. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVSS 7.5
CVE-2021-33824 WRITEUP HIGH WORKING POC
MOXA Mgate MB3180 2.1 Build 18113012 - Denial of Service via Incomplete HTTP Request
An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service.
CVSS 7.5
EIP-2026-101283 EXPLOITDB text WORKING POC
Foscam IP (Multiple Cameras) - Multiple Cross-Site Request Forgery Vulnerabilities