- cPanel - Unauthenticated Remote Code Execution (RCE) together with mwulftange in versions prior to 8.2.0-1.cp1180
- FTAPI - Authenticated Remote Code Execution (RCE) in versions prior to 4.6.3
- ManageEngine OpManager - Unauthenticated/Authenticated SQL injection in versions prior to v12.4 Build no 124089 (see also blog post)
- C1 CMS - Authenticated Remote Code Execution in versions prior to 6.7 (see also blog post)
- TinyWall - Privilege Escalation to SYSTEM in versions prior to 2.1.13 (see also my blog post)
- Various WordPress Plugins - Various unauthenticated vulnerabilities, e.g. this, that, etc.
- SmarterTools SmarterStats - Unauthenticated Remote Code Execution (RCE) in versions prior to Build 7422 (Apr 27, 2020)
- HPE Systems Insight Manager - Unauthenticated Remote Code Execution (RCE) in versions prior to v7.4, v7.5, v7.6 with Hotfix 63 or lower
- OpenNMS - Authenticated Remote Code Execution (RCE) in versions prior to 26.0.0 (write-up in tracker issue as PDF)
- Dell EMC VxRail - Unauthenticated Access to encrypted credentials in versions 4.7.410 and 4.7.411 and 4.7.510
- Various ManageEngine products - Unauthenticated change of system configurations affecting more than 10 ManageEngine products (see also blog post)
- FreePBX - Authenticated Stored XSS and Remote Code Execution in versions prior to 13.0.10.10
- Cisco Security Manager - Multiple Unauthenticated Vulnerabilities (Remote Code Execution, Files Access etc.) in versions prior to 4.22 and 4.23
- Graylog - Unauthenticated Sensitive Information Disclosure in non-standard deployment in versions prior to 3.3.6 together with invist
- CrushFTP - Authenticated Remote Code Execution (RCE) not fixed (0day)
- Citrix AppDNA - Unauthenticated Path Traversal File Overwrite not fixed (0day)
- Aternity Agent - Privilege Escalation to SYSTEM in versions prior to 12.1.3.95
- Jedox - Authenticated Remote Code Execution in versions prior to 2021.3 together with invist (even unauthenticated in older versions)
- TIBCO JasperReports Server - Authenticated XML External Entity (XXE) in versions prior to 7.9.1 (another "won't fix" RCE)
- Eilisys Ascent ESS (Employee Self Service) - Unauthenticated Remote Code Execution not fixed (0day)
- PikeTec TPT - Unauthenticated Remote Code Execution in versions prior to 16u4 and 15u5 (17u1 probably still affected)
- IBM Archive and Essence Manager - Unauthenticated XML External Entity in latest and prior versions (0day)
- Microsoft Exchange 2013/2016/2019 - Deserialization Protection Bypass in versions prior to the January 2022 Patchday (see also my blog post)
- Act! Premium - Unauthenticated Remote Code Execution (see also my blog post)
- HPE StoreEver ESL G3 Tape Library - Unauthenticated Remote Code Execution (reported but "won't fix")
- 3CX Phone System - Unauthenticated Remote Code Execution in Windows installations prior to version 18 update 3 (see also my blog post)
- Starface ComfortPhoning - Authenticated Remote Code Execution tested against latest version 7.2.0.5 (0day, see also my blog post)
- Citrix Application Delivery Management - Unauthenticated Root Password Reset and License Service Control together with CaptnBanana in versions 13.0 before 13.0-85.19 and 13.1 before 13.1-21.53
- SmarterTools SmarterStats - Unauthenticated Remote Code Execution (RCE) and File Read in versions prior to Build 8195 (Jun 9, 2022) (see also my blog post)
- Kerio Connect - Authenticated Stack Buffer Overflow with any webmail user in versions between 9.4 and 9.4.2 (patched in 10.0.0)
- R1Soft Server Backup Manager (SBM) - Authentication Bypass in versions prior to 6.16.4
- Skype for Business 2019 - Unauthenticated Server-side Request Forgery (see also my blog post)
- Apache Archiva - Unauthorized User Registration (unpatched, won't fix) in latest version 2.2.9 and before
- Sophos Mobile - Unauthenticated XML External Entity in versions between 5.0.0 and 9.7.4
- pgAdmin Server - Unauthenticated Remote Code Execution in pgAdmin Servers on Windows prior to version 6.17 (see also my blog post)
- Docmosis Tornado - Multiple Vulnerabilities in versions prior to 2.9.5 (see also my blog post)
- GoAnywhere MFT - Pre-Auth Remote Code Execution in versions up to 7.1.1 (read about rediscovering my own bug)
- install4j - XML External Entity in Update function in versions prior to 10.0.5 (see also my blog post)
- Fortinet FortiNAC - Multiple Unauthenticated Vulnerabilities in versions prior to 9.4.(2|3) (see also my blog post)
- Technicolor TG670 DSL Gateway Router - Administrative Backdoor Account by Telecom Italia (see CERT/CC Note)
- MCL Technologies MCL-Net - Unauthenticated Arbitrary File Read as SYSTEM in versions prior to 4.6
- GANZ Security AI Box - Authentication Bypass in all versions released prior to July 2023 (see also my blog post)
- Netavis CCTV with Observer - Pre-Auth XML External Entity vulnerability proven for version 4.6.8 (0day)
- Delta Dore Lifedomus - Pre-Auth Server-side Request Forgery and XML External Entity in latest (and last) version (0day)
- Tableau Server - Multiple Authenticated Vulnerabilities (won't fix, report written down in my blog post)
- IceWarp Mail Server - Unauthenticated Server-side Request Forgery in latest version (0day)
- Microsoft Dynamics 365 Business Central - Pre-Auth Insecure Deserialization for versions before June 2024 Patchday (see also my blog post)
- Progress OpenEdge Management - Unauthenticated Content Injection in versions prior to 11.7.20, 12.2.15 and 12.8.3
- Veeam Backup and Replication - Unauthenticated Remote Code Execution in versions prior to 12.2.0.334