InnotecSystem/Device-Reversing

InnotecSystem/Device-Reversing

Releases0

Stars5

Este repo contiene write-ups de reversing de dispositivos.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-14919 ↗	Jan 9, 2020Thursday, 9 January 2020, 17:15	7.8 HIGH	7.2 HIGH
An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device.
CVE-2019-14920 ↗	Jan 9, 2020Thursday, 9 January 2020, 17:15	8.8 HIGH	9 HIGH
Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature.
CVE-2019-14918 ↗	Jan 9, 2020Thursday, 9 January 2020, 17:15	5.4 MEDIUM	3.5 LOW
XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.