Real-world and CTF exploit POCs.

| CVE | Short description | Exploit |
| --- | --- | --- |
| CVE-2017-5343 | WordPress SQL Injection | POC |
| CVE-2018-8880 | Unauthenticated Lutron Quantum BACnet v2 network info exfiltration | POC |
| CVE-2018-11629 | Default and unremovable credentials in Homeworks QS Lutron integration protocol. | POC |
| CVE-2018-11653 | Unauthenticated Netwave Camera information disclosure via network chipset data. | POC |
| CVE-2018-11654 | Unauthenticated Netwave Camera information disclosure. Check hosts vulnerable to CVE-2018-11653 | POC |
| CVE-2018-11681 | Default and unremovable credentials in Radio RA 2 Lutron integration protocol. | POC |
| CVE-2018-11682 | Default and unremovable credentials in Stanza Lutron integration protocol. | POC |
| CVE-2018-12634 | CirCarLife Scada < v4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. | POC |
| CVE-2018-16668 | CirCarLife Scada < v4.3 internal installation path disclosure. | POC |
| CVE-2018-16669 | Due to clear-text stored credentials, an unprivileged user can gain access to other services with higher privileges by exploiting a flaw in the Open Charge Point Protocol web implementation. All versions prior to 1.5.0 are vulnerable. | POC |
| CVE-2018-16670 | CirCarLife Scada < v4.3 allows remote attackers to obtain the status of PLCs used at charge stations. | POC |
| CVE-2018-16671 | CirCarLife Scada < v4.3 allows remote attackers to obtain software and hardware versions. | POC |
| CVE-2018-16672 | CirCarLife Scada < v4.3 allows remote authenticated attackers to obtain critical details about the charge station including credentials for GPRS Router. | POC |
| CVE-2018-7812 | An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200. | POC |


| Name | Description | POC |
| --- | --- | --- |
| Cir-PWN-life | Cir-PWN-life is proof of concept for exploiting multiple vulnerabilities affecting Circontrol products in an automated way. | POC |


| Type | Description | Link |
| --- | --- | --- |
| ARM | Protostar - Stack0 | exploit |
| ARM | Protostar - Stack1 | exploit |
| HTB | Hack the box - Frolic | exploit |