2015-04-07 : CVE-2015-1415.txt - FreeBSD 10.x ZFS encryption.key disclosure 2015-04-17 : 2015-iptime-0x00.txt - 112 ipTIME Routers/WiFi APs/Modems/Firewalls models vulnerable with RCE with root privileges 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-current.process.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-default.firewall.rules.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-dump.configuration.including.credentials.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-getting.kernel.memory.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52.grabbing.cpu.info.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-listing.of.the.root.filesystem.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-opening.the.firewall.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-reboot.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.pre.9.52-bricking.the.device.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-current.process.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-default.firewall.rules.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-dump.configuration.including.credentials.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-getting.kernel.memory.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52.grabbing.cpu.info.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-listing.of.the.root.filesystem.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-opening.the.firewall.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-reboot.html 2015-07-01 : 2015-iptime-0x00-PoC-firmware.9.52-bricking.the.device.html 2015-04-17 : 2015-iptime-0x01.txt - iptime n104r3 vulnerable to CSRF and XSS attacks 2015-07-03 : 2015-iptime-0x01-PoC-activate_admin_wan_csrf_bypass.html 2015-07-03 : 2015-iptime-0x01-PoC-change_dns_csrf_bypass.html 2015-07-06 : 2015-iptime-0x02.txt - 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request 2015-07-16 : 2015-totolink-0x00.txt - 15 TOTOLINK router models vulnerable to multiple RCEs 2015-07-16 : 2015-totolink-0x00-PoC-bricking.the.device.html 2015-07-16 : 2015-totolink-0x00-PoC-current.process.html 2015-07-16 : 2015-totolink-0x00-PoC-default.firewall.rules.html 2015-07-16 : 2015-totolink-0x00-PoC-dump.configuration.including.credentials.html 2015-07-16 : 2015-totolink-0x00-PoC-getting.kernel.memory.html 2015-07-16 : 2015-totolink-0x00-PoC-listing.of.the.filesystem.html 2015-07-16 : 2015-totolink-0x00-PoC-opening.the.firewall.html 2015-07-16 : 2015-totolink-0x00-PoC-reboot.html 2015-07-16 : 2015-totolink-0x01.txt - 4 TOTOLINK router models vulnerable to CSRF and XSS attacks 2015-07-16 : 2015-totolink-0x01-PoC-activate_admin_wan_csrf_bypass.html 2015-07-16 : 2015-totolink-0x01-PoC-change_dns_csrf_bypass.html 2015-07-16 : 2015-totolink-0x02.txt - Backdoor and RCE found in 8 TOTOLINK router models 2015-07-16 : 2015-totolink-0x03.txt - Backdoor credentials found in 4 TOTOLINK router models 2015-10-07 : 2015-huawei-0x00.txt - A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-11-12 : CVE-2015-8100-openbsd-net-snmp.txt - OpenBSD package 'net-snmp' information disclosure 2015-12-01 : 2015-huawei-0x01.txt - Huawei Wimax routers vulnerable to multiple threats 2016-01-05 : 2016-ganeti-0x00.txt - Ganeti advisory : CVE-2015-7944, CVE-2015-7945 2016-01-05 : GHETTO-BLASTER - Ganeti PoC : CVE-2015-7944, CVE-2015-7945 2016-01-15 : CVE-2015-5677-freebsd-bsnmpd.txt - CVE-2015-5677 - FreeBSD bsnmpd information disclosure 2016-04-04 : 2016-quanta-0x00.txt - Quanta QDH Security Advisory 2016-04-04 : quanta-dos-crash-router.sh - Quanta QDH Router DoS 2016-04-04 : quanta-dos-http.sh - Quanta QDH HTTP DoS 2016-04-04 : quanta-http-directory-listing.sh - Quanta QDH Arbitrary file browsing using the http daemon 2016-04-04 : quanta-http-file.sh - Quanta QDH Arbitrary file reading using the http daemon 2016-04-04 : quanta-infoleak.sh - Quanta QDH WebInterface Information Leak 2016-04-04 : quanta-rce-remote-exploit-ping.sh - Quanta QDH RCE #1 2016-04-04 : quanta-rce-remote-exploit-traceroute.sh - Quanta QDH RCE #2 2016-04-04 : quanta-ssh-default-password-admin - Quanta QDH Backdoor accounts 2016-04-04 : quanta-ssh-default-password-root - Quanta QDH Backdoor accounts 2016-04-04 : quanta-wps-gen.c - Quanta QDH Weak WPS PIN Generation 2017-02-07 : CVE-2017-5850-openbsd.txt - OpenBSD httpd DoS 2017-02-09 : 2017-tplink-0x00.txt - CVE-2017-8217 - CVE-2017-8218 - CVE-2017-8219 - CVE-2017-8220 - TP-Link C2 and C20i vulnerable to command injection (authenticated root RCE), DoS, improper firewall rules 2017-03-08 : 2017-goahead-camera-0x00.txt - CVE-2017-8221 - CVE-2017-8222 - CVE-2017-8223 - CVE-2017-8224 - CVE-2017-8225 - Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in GoAhead 2017-03-08 : expl-goahead-camera.c - Pre-Auth RCE as root against cameras running GoAhead 2017-09-07 : z0-Owning_embedded_devices_and_network_protocols-redacted.pdf - zer0con slides 2017-09-08 : 2017-dlink-0x00-dlink-850l-cloud.txt - Pwning the Dlink 850L routers and abusing the MyDlink Cloud protocol 2020-03-09 : 2020-zyxel-0x00-secumanager.txt - Multiple vulnerabilities found in Zyxel CNM SecuManager 2020-07-07 : 2020-cdata-0x00-olt.txt - Multiple vulnerabilities found in CDATA OLTs 2024-06-27 : 2024-sharp-mfp.txt - 17 vulnerabilities in Sharp Multi-Function Printers 2024-06-27 : 2024-toshiba-mfp.txt - 40 vulnerabilities in Toshiba Multi-Function Printers 2024-11-01 : 2024-ibmsecurity.txt - 4 vulnerabilities in ibmsecurity 2024-11-01 : 2024-ibm-security-verify-access.txt - 32 vulnerabilities in IBM Security Verify Access