Hunting HTML 5 postMessage Vulnerabilities
>> TAG: #remote exploit
Hunting HTML 5 postMessage Vulnerabilities
C2S DVR Management IRDOME-II-C2S, IRBOX-II-C2S, DVR – Credentials Disclosure / Authentication Bypass
tcPbX – (tcpbx_lang) Local File Inclusion
MESSOA IP Cameras (Multiple Models) – Unauthenticated Password Change
Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR – Credentials Disclosure
ZYCOO IP Phone System – Remote Command Execution
TOSHIBA IP-Camera IK-WP41A – Auth Bypass / Configuration Download
Windows – Fileless UAC Protection Bypass Privilege Escalation (Metasploit)
JVC IP-Camera VN-T216VPRU – Credentials Disclosure
MESSOA IP-Camera NIC990 – Auth Bypass / Configuration Download