yerodin - Security Researcher - Exploit Intelligence Platform

CVE-2022-45701 NOMISEC HIGH WORKING POC

Commscope Arris Tg2482a Firmware < 9.1.103 - Command Injection

Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.

7 stars

CVSS 8.8

View Code

CVE-2022-44149 NOMISEC HIGH WORKING POC

Nexxt Amp300 ARN02304U8 - RCE

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required

CVSS 8.8

View Code

CVE-2022-46080 NOMISEC CRITICAL WORKING POC

Nexxt Nebula 1200-AC <15.03.06.60 - Auth Bypass, Command Injection

Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET.

CVSS 9.8

View Code