Exploit Arsenal
Custom exploitation tools and proof-of-concept codes for discovered vulnerabilities.
3
Total Exploits
1
Languages
ZYXEL uOS 1.21: WebGUI Privilege Escalation
CVE-2024-9677
High
Python
Privilege Escalation
A WebGUI Privilege escalation was possibile by stealing authentication token from an authenticated admin.
Last updated:
ZYXEL uOS 1.31: Authenticated Remote Code Execution
CVE-2025-1731
High
Python
Remote Code Execution
This exploit allow an attacker to gain remote code execution exploiting a no-auth postgresql service via ssh-tunnel
Last updated:
ZYXEL uOS 1.31: WebGUI Privilege Escalation via stealed token
CVE-2025-1731
High
Python
Privilege Escalation
This exploit allow an attacker to perform a WebGUI Privilege Escalation using stealed token via Remote Command Execution as postgres user.
Last updated: