Grumpy Admin Is Back... Sorry
It's been too long; Grumpy admin is back - and the itch to blog and
This is just a page to track all of my disclosed issues and vulnerabilities.
- Control Web Panel: Account Hijack – CVE-2022-25047
- Control Web Panel: Pre Auth RCE – CVE-2022-25046
- SureMDM: XSS – RCE on all managed Hosts
- SureMDM: RCE – Linux Agent
- Netgear: Command Injection – PSV-2021-0169
- Netgear: Sensitive Information Disclosure – PSV-2021-0171
- Netgear: Command Injection – PSV-2021-0172
- Fitbit: Malicious Applications
- Wagtail XSS – CVE-2021-29434
- OSSN: Arbitrary File Read – CVE-2020-10560
- F5 BigIP: XSS – CVE-2020-27719
- Anubis: XSS
- Security Onion: XSS
- Security Onion: Command injection
- StartMe: XSS in widgets
- Imperva: WAF Bypass
- Nandos: XSS
- OSSN: XSS – CVE-2020-10559