Xc0re Black List

For a while now we noticed that there have been many attacks on our website. We think that it is time to post the IP addresses in the form of an IP Black list. This might help other organizations, ban the IP addresses, before the cyber criminals can attack. The following list comprises of the …

Xc0re Black List Read More »

How to keep yourself safe on the internet, during the Corona crisis

Corona pandemic, code name: Covid-19 caused by the virus SARS-CoV-2 is this century’s first pandemic, and hopefully the last, has caused problems in almost every industry. There has been a paradigm shift on a massive scale. As the governments, shutdown their countries in order to fight with the crisis, all the organizations are requested by …

How to keep yourself safe on the internet, during the Corona crisis Read More »

ZTE Home Gateway vdsl CPE admin control bypass

Hi Folks, There is a vulnerability in the ZTE home-router, installed in many homes (in millions) throughout the country, provided by Pakistan Telecommunication Company Limited (PTCL), which enables an attacker to bypass admin portal authentication and display and/or change the WIFI password. Furthermore, the attacker can reset the router to its factory settings and/or restart …

ZTE Home Gateway vdsl CPE admin control bypass Read More »

Huawei LTE router unauthenticated resource access

Disclaimer: [This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post] Hi folks, Several vulnerabilities were identified in the Huawei LTE router. These are described in detail below: Product Family: LTE Model B315s – 22 Firmware version: 21.318.01.00.26 Author: Usman Saeed (usman …

Huawei LTE router unauthenticated resource access Read More »

TP-Link wireless router Archer C1200 – Cross-Site Scripting

Disclaimer: [This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post] Hello folks. An Input validation vulnerability was found in TP-Link Archer c1200 v1.0, which results in client side code execution. [CVE-2018-13134] [+] Unauthenticated [+] Author: Usman Saeed (usman [at] xc0re.net) [+] Affected Version: …

TP-Link wireless router Archer C1200 – Cross-Site Scripting Read More »