Share
## https://sploitus.com/exploit?id=CE5A15C1-9CE9-5800-9A1E-2124AF5BF230
# pocs
| Title | CVE | Author |
|---|---|---|
| [D-Link DNR-322L - Auth. RCE](./CVE-2022-40799) | [CVE-2022-40799](https://vulners.com/cve/CVE-2022-40799) | Manuel Kiesel ([Ref](https://mkiesel.ch/posts/dlink-dnr322/)) |
| [SonixDeviceMFT.dll - LPE](./CVE-2023-51715) | [CVE-2023-51517](https://vulners.com/cve/CVE-2023-51517) | Luca Rupp (usd AG) ([Ref](https://herolab.usd.de/security-advisories/usd-2023-0029/)) |
| [eCH-0196 SSK taxstatement.jar - XXE](./CVE-2024-8602) | [CVE-2024-8602](https://vulners.com/cve/CVE-2024-8602) | Manuel Kiesel ([Ref](https://mkiesel.ch/posts/swiss-tax-adventures-1/)) |
| [EasyTax AG - XXE](./CVE-2024-9044) | [CVE-2024-9044](https://vulners.com/cve/CVE-2024-9044) | Manuel Kiesel ([Ref](https://mkiesel.ch/posts/swiss-tax-adventures-2/#xxeaas)) |
| [Cordaware bestinformed Web - Auth. RCE](./CVE-2025-0422) | [CVE-2025-0422](https://vulners.com/cve/CVE-2025-0422) | Manuel Kiesel, David Miller ([Ref](https://cyllective.com/blog/posts/cordaware-bestinformed#cve-2025-0422)) |
| [Cordaware bestinformed Web - Unauth. XSS](./CVE-2025-0423) | [CVE-2025-0423](https://vulners.com/cve/CVE-2025-0423) | Manuel Kiesel, David Miller ([Ref](https://cyllective.com/blog/posts/cordaware-bestinformed#cve-2025-0423)) |
| [Cordaware bestinformed Web - Auth. XSS](./CVE-2025-0424) | [CVE-2025-0424](https://vulners.com/cve/CVE-2025-0424) | Manuel Kiesel, David Miller ([Ref](https://cyllective.com/blog/posts/cordaware-bestinformed#cve-2025-0424)) |
| [Cordaware bestinformed Infoclient - LPE](./CVE-2025-0425) | [CVE-2025-0425](https://vulners.com/cve/CVE-2025-0425) | Manuel Kiesel, David Miller ([Ref](https://mkiesel.ch/posts/cordaware/)) |