X-C3LL/PoC-CVEs

X-C3LL/PoC-CVEs

Releases0

Stars10

Proof of Concepts of vulnerabilities discovered by me

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-26952 ↗	Apr 6, 2022Wednesday, 6 April 2022, 01:15	7.5 HIGH	5 MEDIUM
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.
CVE-2022-26953 ↗	Apr 6, 2022Wednesday, 6 April 2022, 01:15	7.5 HIGH	5 MEDIUM
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
CVE-2019-12727 ↗	Jun 4, 2019Tuesday, 4 June 2019, 13:29	—	7.8 HIGH
On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability exists in the RTSP Service provided by the ubnt-streamer binary. The issue can be triggered via malformed RTSP requests that lead to an invalid memory read. To exploit the vulnerability, an attacker must craft an RTSP request with a large number of headers.