Writeup Exploits

59,964 exploits tracked across all sources.

CVE-2024-32982 WRITEUP HIGH
Pypi Litestar < 2.8.3 - Path Traversal
Litestar and Starlite are Asynchronous Server Gateway Interface (ASGI) frameworks. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of Litestar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to sensitive files outside the designated directories. Such access can lead to the disclosure of sensitive information or potentially compromise the server. The vulnerability is located in the file path handling mechanism within the static content serving function, specifically at `litestar/static_files/base.py`. This vulnerability is fixed in versions 2.8.3, 2.7.2, and 2.6.4.
CVSS 8.2
CVE-2024-3219 WRITEUP MEDIUM
socket - Connection Race
The “socket” module provides a pure-Python fallback to the socket.socketpair() function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verified before passing the two sockets back to the user, which leaves the server socket vulnerable to a connection race from a malicious local peer. Platforms that support AF_UNIX such as Linux and macOS are not affected by this vulnerability. Versions prior to CPython 3.5 are not affected due to the vulnerable API not being included.
CVE-2024-3272 WRITEUP CRITICAL
Dlink Dns-320l Firmware - Hard-coded Credentials
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user with the input messagebus leads to hard-coded credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259283. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
CVSS 9.8
CVE-2024-3273 WRITEUP HIGH
Dlink Dns-320l Firmware - Command Injection
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
CVSS 7.3
CVE-2024-33111 WRITEUP MEDIUM
Dlink Dir-845l Firmware < 1.01krb03 - XSS
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php.
CVSS 5.4
CVE-2024-33112 WRITEUP HIGH
Dlink Dir-845l Firmware < 1.01krb03 - Command Injection
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to command injection via the hnap_main() function.
CVSS 7.5
CVE-2024-33113 WRITEUP MEDIUM
Dlink Dir-845l Firmware < 1.01krb03 - Command Injection
D-Link DIR-845L <=v1.01KRb03 is vulnerable to information disclosure via bsc_sms_inbox.php.
CVSS 5.3
CVE-2024-33309 WRITEUP HIGH
TVS Motor Company Limited TVS Connet <4.5.1, 5.0.0 - Info Disclosure
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote attacker to obtain sensitive information via an insecure API endpoint. NOTE: this is disputed as discussed in the msn-official/CVE-Evidence repository.
CVSS 7.5
CVE-2024-33308 WRITEUP CRITICAL
TVS Motor Company Limited TVS Connet <5.0.0 - Privilege Escalation
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote attacker to escalate privileges via the Emergency Contact Feature. NOTE: this is disputed as discussed in the msn-official/CVE-Evidence repository.
CVSS 9.1
CVE-2024-33368 WRITEUP HIGH
Plasmoapp Rpshare - OS Command Injection
An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the build method in DonwloadPromptScreen
CVSS 8.8
CVE-2024-33369 WRITEUP HIGH
Plasmoapp Rpshare - Path Traversal
Directory Traversal vulnerability in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the getFileNameFromConnection method in DownloadTask
CVSS 8.8
CVE-2024-33398 WRITEUP HIGH
Piraeusdatastore Piraeus-operator - Improper Privilege Management
There is a ClusterRole in piraeus-operator v2.5.0 and earlier which has been granted list secrets permission, which allows an attacker to impersonate the service account bound to this ClusterRole and use its high-risk privileges to list confidential information across the cluster.
CVSS 7.5
CVE-2024-33403 WRITEUP CRITICAL
Campcodes Complete Web-based School Management System - SQL Injection
A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the event_id parameter.
CVSS 9.8
CVE-2024-33405 WRITEUP HIGH
Campcodes Complete Web-based School Management System - SQL Injection
SQL injection vulnerability in add_friends.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the friend_index parameter.
CVSS 8.6
CVE-2024-33406 WRITEUP HIGH
Campcodes Complete Web-based School Management System - SQL Injection
SQL injection vulnerability in /model/delete_student_grade_subject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter.
CVSS 7.3
CVE-2024-33408 WRITEUP CRITICAL
Campcodes Complete Web-based School Management System - SQL Injection
A SQL injection vulnerability in /model/get_classroom.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVSS 9.8
CVE-2024-33409 WRITEUP CRITICAL
Campcodes Complete Web-based School Management System - SQL Injection
SQL injection vulnerability in index.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVSS 9.8
CVE-2024-33410 WRITEUP HIGH
Campcodes Complete Web-based School Management System - SQL Injection
SQL injection vulnerability in /model/delete_range_grade.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter.
CVSS 8.1
CVE-2024-33411 WRITEUP CRITICAL
Campcodes Complete Web-based School Management System - SQL Injection
A SQL injection vulnerability in /model/get_admin_profile.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVSS 9.8
CVE-2024-33428 WRITEUP HIGH
Stsaz Phiola - Heap Buffer Overflow
Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file.
CVSS 8.8
CVE-2024-33429 WRITEUP HIGH
Stsaz Phiola - Heap Buffer Overflow
Buffer-Overflow vulnerability at pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file.
CVSS 7.1
CVE-2024-33430 WRITEUP HIGH
Stsaz Phiola - Code Injection
An issue in phiola/src/afilter/pcm_convert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file.
CVSS 8.8
CVE-2024-33431 WRITEUP MEDIUM
Stsaz Phiola - Denial of Service
An issue in phiola/src/afilter/conv.c:115 of phiola v2.0-rc22 allows a remote attacker to cause a denial of service via a crafted .wav file.
CVSS 6.5