Date Category Source Title Author
Date Category Source Title Author
2015/09/29 Software Centrifuge Dropbox Centrifuge Dropbox automated vulnerability scanning for embedded devices. Tactical Network Solutions
2015/11/10 Software Router Security Features List List of security features to look for in routers. Michael Horowitz
2014/12/26 Hardware The Shikra The Shikra is a device that allows the user to interface (via USB) to a number of different low-level data interfaces such as: JTAG, SPI, I2C, UART, GPIO. int3.cc
2015/02/12 Hardware Saleae Log Analizers Saleae Log Analizers Saleae makes easy-to-use USB Logic Analyzers that can record both digital and analog, and decode protcols like SPI, I2C, Serial, 1-Wire, CAN, Manchester, I2S and more. Saleae
2015/09/08 Hardware GoodFET GoodFET is an Open-source JTAG adapter, loosely based upon the TI MSP430 FET UIF and EZ430U boards. The GoodFET has been inspired by HackADay's Bus Pirate to become a universal serial bus interface. Travis Goodspeed
2014/10/22 Hardware J-Link / J-Trace J-Link / J-Trace debug probes support all ARM 7/9/11, Cortex, Microchip PIC32, Renesas RX CPUs and are supported by all major IDEs such as Keil MDK-ARM, GDB-based IDEs and SEGGER Embedded Studio. Segger
2015/11/01 One click meat.pisto.horse X2000 - Remote Command Execution [SET IP] Lorenzo Pistone
2013/05/19 One click YouTube Technicolor TD5130 - WAN Configuration Disclosure [SET IP] TechnicolorTD5130
2013/05/19 One click YouTube Technicolor TD5130 - LAN Configuration Disclosure [SET IP] TechnicolorTD5130
2013/05/19 One click YouTube Technicolor TD5130 - Firewall Configuration Disclosure [SET IP] TechnicolorTD5130
2013/01/31 Advisory Hakim.ws TG582n - Backdoor hkm
2014/12/08 One click Comunidad Underground de México D-Link DIR-514 - Authentication Bypass [SET IP] flexlm
2014/12/09 One click Comunidad Underground de México D-Link DIR-514 - Configuration Disclosure [SET IP] flexlm
2015/09/23 Software The Hacker Blog A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration, WebSocket host scanning, and external resource fingerprinting. mandatory
2015/09/15 Software devttys0 Sasquatch is a modified unsquashfs utility that attempts to support as many hacked-up vendor-specific SquashFS implementations as possible. devttys0
2014/06/21 One click websecurity D-Link DAP-1360 CSRF and information disclosure MustLive
2014/06/21 One click websecurity D-Link DAP-1360 XSS & CSRF MustLive
2015/06/08 One click exploit-db D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change Dawid Czagan
2015/01/10 Advisory PoC RedTeam Pentesting OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855 OmniSwitch Web Interface Weak Session ID RedTeam Pentesting
2015/06/08 One click search-lab D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change Dawid Czagan
2015/05/27 Advisory search-lab Multiple vulnerabilities in D-LINK DNS-320, DNS-320l, DNS-327l, and DNR-326 devices Gergely Eberhardt
2015/02/28 One click websecurity ASUS RT-G32 CSRF Add admin:admin account MustLive
2015/06/28 Advisory Tangible Security D-Link DCS-930L DCS-931L DCS-932L DCS-933L DCS-931L - Allows Authenticated User Unrestricted File Upload - CSRF - FW 1.04 and Older Allen Harper
2015/06/16 Advisory PoC vulnerability-lab ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Vulnerability Hadji Samir
2014/05/16 Advisory PoC Rapid7 Ubee DDW3611 & Ambit U10C019 Configuration disclosure via SNMP public string Deral Heiland
2014/05/16 Advisory PoC Rapid7 Motorola Netopia 3347 Configuration disclosure via SNMP public string Deral Heiland
2010/12/27 Advisory PoC seguridadwireless NetGear WN2000RPT v2 Authentication Bypass Reboot Boombox
2015/06/27 Advisory PoC cxsecurity NetGear ProSafe SRX5308 FVS336Gv3 FVS336Gv2 FVS318N v4.3.2-7 and v4.3.3-3 Cross Site Scripting / SQL Injection / Header Injection Juan J. Güelfo
2015/05/28 Software nirsoft RouterPassView v1.57 - Recover lost password from router backup file. Remember to run in command line for full router support. nirsoft
2015/06/10 Advisory PoC 8thbit.net TP-Link W8961DN v3 rom0 download via C6 cookie Koorosh Ghorbani
2015/04/10 Analysis PoC /dev/ttys0 D-Link DAP-1522 revB, DAP-1650 revB, DIR-890L, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR HNAP SOAPAction-Header Command Execution Craig Heffner
2015/05/05 Metasploit module Rapid7 D-Link DAP-1522 revB, DAP-1650 revB, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR HNAP SOAPAction-Header Command Execution Samuel Huntley, Craig Heffner, Michael Messner
2015/02/13 Advisory PoC D-Link D-Link DIR-645 FW 1.04b12 Command Injection Samuel Huntley
2013/10/24 Analysis PoC Shadow-file NetGearD-Link wndr3700v4 Command Injection Zach Cutlip
2015/02/11 Analysis PoC Kernelpicnic NetGear SOAPWNDR Authentication Bypass Peter Adkins
2015/02/26 Advisory PoC Kernelpicnic TRENDnet Multiple vulnerabilities in D-Link and TRENDnet 'ncc2' service Peter Adkins
2015/06/11 Advisory PoC Kernelpicnic D-Link Multiple vulnerabilities in D-Link and TRENDnet 'ncc2' service Peter Adkins
2015/06/11 One click Kernelpicnic D-Link DSP-W110 (Rev A) v1.05b01 Information Disclosure WLAN SSID, MAC, Versions Peter Adkins
2015/06/11 Advisory PoC Kernelpicnic D-Link DSP-W110 (Rev A) v1.05b01 Arbitrary command execution / SQL Injection / file upload Peter Adkins
2015/06/29 One click Daniel Cisa ZTE F660 V2.22.21 Authentication Bypass Download config [SET IP] Daniel Cisa
2015/01/30 Generator sn4kebites Pirelli Alice Telecom Italia SSID Alice-######## Dren
2015/01/30 One click Routerpwn D-Link DSL-2680 Authentication Bypass Reboot Dren
2015/06/28 Generator Websec Alcatel-Lucent 240W - Vecinitum de fibra Luis Colunga
2015/06/16 Hardware Bus Pirate Bus Pirate is a universal bus interface that talks to electronics from a computer serial terminal. Protocols 1-Wire, I2C, SPI, JTAG, asynchronous serial (UART), MIDI, PC keyboard, HD44780 LCDs, and generic 2- and 3-wire libraries for custom protocols. Dangerous Prototypes
2015/05/21 Software Rapid7 SSH-BADKEYS: A collection of static SSH keys (public and private) that have made their way into software and hardware products. Inspired by the Little Black Box project, but focused primarily on SSH (as opposed SSL) keys. Currently has Array Networks, Ceragon Fibeair, F5 BigIP, loadbalancer.org enterprise, quantum dxi v1000, vagrant and tandberg. hdmoore
2015/05/28 Advisory SEC Consult D-Link DIR-615 C NetUSB Kernel Stack Buffer Overflow SEC Consult Vulnerability Lab
2015/05/28 Advisory SEC Consult TP-LINK NetUSB Archer C2 V1.0 C5 V2.0 C7 V2.0 C8 C9 D2 D5 D7 D7B D9 VR200 TC-VG3XXX TC-W1XXX TD-W8XXX TD-W9XXX TL-WRXXXX TX-VG1530 SEC Consult Vulnerability Lab
2015/05/28 Advisory SEC Consult TRENDnet NetUSB TE100-MFP1 TEW-6XXXXX TEW-8XXXXX TEW-MFP1 SEC Consult Vulnerability Lab
2015/05/28 Advisory SEC Consult Netgear NetUSB AC1450 D6X00 DC112A DGND4000 EX6200 EX7000 JNR3XXX JR6XXX PR2000 R6XXX R7XXX WN3XXXXX WNDR4XXX XAU2511 SEC Consult Vulnerability Lab
2015/05/28 Advisory Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 Universal Plug and Play Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 USB Device Bypass Authentication Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 Bypass Authentication using SMB Symlinks Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 CSRF change FTP password [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 CSRF change admin password [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom VH4032N VH4032N_V0.2.35 Persistent Cross Site Scripting Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom Home Station BHS-RTA v1.1.3 Universal Plug and Play Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom Home Station BHS-RTA v1.1.3 Information Disclosure IP and MAC of clients [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom Home Station BHS-RTA v1.1.3 Information Disclosure WLAN passwords [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 Universal Plug and Play Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure RTA01N RTA01N RTK_V2.2.13 Backdoor admin:7449airocon Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 Backdoor admin:7449airocon Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 Unauthenticated Cross-site Scripting (XSS) Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 CSRF Denial of Service [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 CSRF change password from 1234 (default) to newpass [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 CSRF change DNS servers [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory Full Disclosure Observa-Telecom RTA01N RTK_V2.2.13 Multiple Cross-site Scriptings (XSS) Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom AW4062 1.4.2 CSRF Denial of Service [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Avisory PoC Full Disclosure Observa-Telecom AW4062 1.4.2 Privilege Escalation via FTP file config.xml [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom AW4062 1.4.2 CSRF change DNS servers [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom AW4062 1.4.2 CSRF ping certain IP [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 One click Full Disclosure Observa-Telecom AW4062 1.4.2 CSRF change password from 1234 to 12345 [SET IP] Alvaro Folgado, Jose Rodriguez, Ivan Sanz
2015/05/28 Advisory PoC Full Disclosure Observa-Telecom AW4062 1.4.2 Multiple Cross-site Scriptings (XSS) Universidad Eurpea de Madrid