0x90

Information Security professional....

ZTE Home Gateway vdsl CPE admin control bypass

Hi Folks, There is a vulnerability in the ZTE home-router, installed in many homes (in millions) throughout the country, provided by Pakistan Telecommunication Company Limited (PTCL), which enables an attacker to bypass admin portal authentication and display and/or change the WIFI password. Furthermore, the attacker can reset the router to its factory settings and/or restart …

ZTE Home Gateway vdsl CPE admin control bypass Read More »

Huawei LTE router unauthenticated resource access

Disclaimer: [This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post] Hi folks, Several vulnerabilities were identified in the Huawei LTE router. These are described in detail below: Product Family: LTE Model B315s – 22 Firmware version: 21.318.01.00.26 Author: Usman Saeed (usman [at] xc0re.net) …

Huawei LTE router unauthenticated resource access Read More »

TP-Link wireless router Archer C1200 – Cross-Site Scripting

Disclaimer: [This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post] Hello folks. An Input validation vulnerability was found in TP-Link Archer c1200 v1.0, which results in client side code execution. [CVE-2018-13134] [+] Unauthenticated [+] Author: Usman Saeed (usman [at] xc0re.net) [+] Affected …

TP-Link wireless router Archer C1200 – Cross-Site Scripting Read More »

Downside of keeping everything public – ICWATCH

I have been writing and preaching about Social network information harvesting and why it is a bad thing (Check out the post here). I recently stumbled upon something, which is, publicly known though, but still worth mentioning. The mentioned “something” is a very good example of why too much information about one’s self is never …

Downside of keeping everything public – ICWATCH Read More »

Secured By miniOrange