Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/maen08/cve-2024-25277
Resources and PoCs
https://github.com/maen08/cve-2024-25277
Last synced: 27 days ago
JSON representation
Resources and PoCs
- Host: GitHub
- URL: https://github.com/maen08/cve-2024-25277
- Owner: maen08
- Created: 2024-02-25T16:54:33.000Z (11 months ago)
- Default Branch: master
- Last Pushed: 2024-04-23T19:11:22.000Z (9 months ago)
- Last Synced: 2024-04-24T22:05:46.357Z (9 months ago)
- Language: JavaScript
- Size: 16.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## CVE-2024-25277 discovered on MW45A_PT_02.00_02
### Resources and PoCs
- This repo serves as collection of scripts and PoCs gathered during analysis and discovery of CVE-2024-25277.
- You can read more about the finding on: https://blog.maentechie.com/bypass-rate-limiting-in-tcl-mw45ad-to-achieve-privileges-escalation
### Summary of issues found
- Rate limit bypass
- Hardcoded tokens and keys
- Weak encryption
- Privileges escalation