EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target’s uptime and software…
>> CATEGORY: exploit
ESCALATEPLOWMAN is a privilege escalation exploit for WatchGuard firewalls of unknown versions that injects code via the ifconfig command. Note that this exploit is part of the recent public disclosure…
EPICBANANA is a privilege escalation exploit for Cisco Adaptive Security Appliance (ASA) and Cisco Private Internet eXchange (PIX) devices. Exploitation takes advantage of default Cisco credentials (password: cisco). ASA versions…
ELIGIBLECONTESTANT is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP POST parameter injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part…
ELIGIBLECANDIDATE is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP cookie command injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part…
QNAP QTS version 4.2.1 Build 20160601 suffers from an arbitrary file overwrite vulnerability.
QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from an OS command injection vulnerability.
QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.