Exploits & CVE's

Authored by Jim Becher | Site korelogic.com Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could...

Authored by Jim Becher | Site korelogic.com An attacker armed with hardcoded API credentials from KL-001-2020-004 (CVE-2020-28329) can issue an authenticated query to display the admin password for the main...

Authored by Jim Becher | Site korelogic.com The Barco wePresent WiPG-1600W version 2.5.1.8 web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a...

Authored by Jim Becher | Site korelogic.com Barco wePresent WiPG-1600W version 2.5.1.8 has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does...

Authored by Jim Becher | Site korelogic.com Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have a hardcoded root password hash included in the firmware image. advisories | CVE-2020-28334 Change Mirror...

Authored by Achilles Boxoft Convert Master version 1.3.0 SEH local buffer overflow exploit. Change Mirror Download # Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit# Date: 17.09.2020# Vendor Homepage:...

Authored by Paolo Stagno IBM Tivoli Storage Manager version 5.2.0.1 suffers from a command line administrative interface buffer overflow vulnerability. Change Mirror Download # Exploit Title: IBM Tivoli Storage Manager Command Line...

Authored by Pedro Ribeiro, Radek Domanski | Site metasploit.com This Metasploit module exploits a series of vulnerabilities to achieve unauthenticated remote code execution on the Rockwell FactoryTalk View SE SCADA...

Authored by Jasper Rasenberg Gitlab version 12.9.0 authenticated arbitrary file read exploit. A file read vulnerability was previously discovered in this version in May of 2020 by KouroshRZ. Change Mirror Download #...

Authored by Dolev Farhi M/Monit version 3.7.4 suffers from a privilege escalation vulnerability. Change Mirror Download # Title: M/Monit 3.7.4 - Privilege Escalation# Author: Dolev Farhi# Date: 2020-07-09# Vendor Homepage: https://mmonit.com/# Version...