-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> [Suggested description]
> An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing
> the TFTP service running on UDP port 69, a remote attacker can perform
> a directory traversal and obtain operating system files via a TFTP
> GET requ
# Exploit Title: Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
# Google Dork: N/A
# Date: 2019-11-15
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.lexmark.com/en_us.html
# Software Link: https://www.lexmark.com/en_us.html
# Version: 2.27.4.0.39 (Latest Version)
# Teste
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM
Directory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/21/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: Core
# Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE
Directory Traversal (Metasploit)
# Google Dork: N/A
# Date: 8/20/2019
# Exploit Author: Kevin Randall
# Vendor Homepage: https://www.coreftp.com
# Software Link: http://www.coreftp.com/server/index.html
# Version: Firmware: Core
**
Discovered By: Kevin Randall on 3/23/2019
**
A Directory Traversal issue was discovered in the Web GUI in Titan FTP
Server 2019 Build 3505.
When an authenticate
CVE-2019-9649
CoreFTP FTP / SFTP Server v2 - Build 674
MDTM Directory Traversal
Discovered By: Kevin Randall
Summary: By utilizing a directory traversal along with the FTP MDTM
command, an attacker can browse outside the root directory to determine if
a file exists based on return file size a
CVE-2019-9648
CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal
Discovered By: Kevin Randall
Summary: By utilizing a directory traversal along with the FTP SIZE
command, an attacker can browse outside the root directory to determine if
a file exists based on return file s
> An issue was discovered on D-Link DIR-601 2.02NA devices. Being local
> to the network and having only "User" account (which is a low
> privilege account) access, an attacker can intercept the response from
> a POST request to obtain "Admin" rights due to the admin password
> being displayed in X
> [Suggested description]
> An issue was discovered on D-Link DIR-890L A2 devices.
> Due to the predictability of the /docs/captcha_(number).jpeg URI,
> being local to the network, but unauthenticated to the administrator's
> panel, an attacker can disclose the CAPTCHAs used by the access point
>
Discoverer: Kevin Randall
On Wed, Mar 28, 2018 at 2:13 PM, Kevin R wrote:
> Hello Seclists:
>
> Attached is my writeup for the following CVE: CVE-2018-5708
> > An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on
> > the same local network as, but being un
Hello Seclists:
Attached is my writeup for the following CVE: CVE-2018-5708
> An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on
> the same local network as, but being unauthenticated to, the
> administrator's panel, a user can obtain the admin username and
> cleartext password
11 matches
Mail list logo