Lucene search
C94CBDE1-4CC5-5C06-9D18-23CAB216705EHistoryDec 13, 2022 - 8:41 a.m.
Exploit for Path Traversal in Ivanti Connect Secure
2022-12-1308:41:44
165
path traversal
ivanti connect secure
apt-backpack
cve
rat
exploitation
exfiltration
phishing
reverse shell
security document
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.975
Percentile
100.0%
APT-Backpack
Most common used CVE’s by APT, legitimate RAT and…
This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.
Related
malwarebytes
malwarebytes
Chinese APT's favorite vulnerabilities revealed
2022-10-13 16:15:00
Patch now! Exchange servers attacked by Hafnium zero-days
2021-03-03 12:34:27
The top 5 most routinely exploited vulnerabilities of 2021
2022-04-29 16:28:20
qualysblog
qualysblog
NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-07 20:03:01
CISA Alert: Top 15 Routinely Exploited Vulnerabilities
2022-05-06 12:19:24
Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities
2023-08-24 19:07:05
avleonov
avleonov
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
Vulnerability Management news and publications #2
2022-08-14 11:30:44
ics
ics
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-06 12:00:00
Chinese State-Sponsored Cyber Operations: Observed TTPs
2021-08-20 12:00:00
Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity
2020-10-24 12:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2021-03-03 17:36:18
Exploit for Vulnerability in Microsoft
2021-03-05 08:22:07
Exploit for Vulnerability in Microsoft
2021-03-09 10:36:44
threatpost
threatpost
Pioneer Kitten APT Sells Corporate Network Access
2020-09-01 13:35:19
CISA Orders Fed Agencies to Patch Exchange Servers
2021-03-04 17:08:36
Attackers Target ProxyLogon Exploit to Install Cryptojacker
2021-04-15 12:19:13
securelist
securelist
Black Kingdom ransomware
2021-06-17 10:00:41
Zero-day vulnerabilities in Microsoft Exchange Server
2021-03-04 17:20:57
DDoS attacks in Q4 2021
2022-02-10 10:00:04
kitploit
kitploit
rapid7blog
rapid7blog
thn
thn
CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
2020-09-15 09:14:00
URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange
2021-03-03 07:28:00
Microsoft Exchange Cyber Attack — What Do We Know So Far?
2021-03-08 10:15:00
msrc
msrc
talosblog
talosblog
Threat Advisory: HAFNIUM and Microsoft Exchange zero-day
2021-03-08 10:18:43
akamaiblog
akamaiblog
How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange
2021-03-15 22:30:00
Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool
2021-03-15 22:15:00
Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks
2021-03-24 14:00:00
cisa
cisa
Microsoft Releases Out-of-Band Security Updates for Exchange Server
2021-03-02 00:00:00
RCE Vulnerability in Hikvision Cameras (CVE-2021-36260)
2021-09-28 00:00:00
hivepro
hivepro
Have you patched the vulnerabilities in Microsoft Exchange Server?
2021-08-18 11:01:05
Cerber targeting organizations with publicly available exploits
2021-12-14 13:50:15
mssecure
mssecure
Profiling DEV-0270: PHOSPHORUS’ ransomware operations
2022-09-07 21:00:00
HAFNIUM targeting Exchange Servers with 0-day exploits
2021-03-02 21:07:53
attackerkb
attackerkb
CVE-2021-26857
2021-03-03 00:00:00
CVE-2021-1497
2021-05-05 00:00:00
fireeye
fireeye
impervablog
impervablog
Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures
2021-03-26 15:06:38
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
2024-02-21 09:28:01
2021 in Review, Part 2: 5 Top Cybersecurity Stories
2021-12-29 12:03:19
krebs
krebs
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
2021-03-02 21:19:17
Red Cross Hack Linked to Iranian Influence Operation?
2022-02-16 16:44:19
carbonblack
carbonblack
mmpc
mmpc
HAFNIUM targeting Exchange Servers with 0-day exploits
2021-03-02 21:07:53
Profiling DEV-0270: PHOSPHORUS’ ransomware operations
2022-09-07 21:00:00
zdt
zdt
Atlassian Confluence Namespace OGNL Injection Exploit
2022-06-09 00:00:00
Hikvision IP Camera Unauthenticated Command Injection Exploit
2022-02-28 00:00:00
packetstorm
packetstorm
Atlassian Confluence Namespace OGNL Injection
2022-06-08 00:00:00
HughesNet HT2000W Satellite Modem Password Reset
2024-08-26 00:00:00
Sitecore Experience Platform (XP) Remote Code Execution
2021-11-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Zoho ManageEngine ADSelfService Plus Authentication Bypass (CVE-2021-40539)
2021-11-14 00:00:00
Sitecore XP Remote Code Execution (CVE-2021-42237)
2022-02-06 00:00:00
nessus
nessus
Security Updates for Microsoft Exchange Server (March 2021)
2021-03-03 00:00:00
ManageEngine Log360 < Build 5229 REST API Restriction Bypass RCE
2021-09-24 00:00:00
Hikvision Multiple Products Command Injection (CVE-2021-36260)
2024-07-22 00:00:00
nuclei
nuclei
Microsoft Exchange Server SSRF Vulnerability
2021-03-06 07:00:59
Buffalo WSR-2533DHPL2 - Path Traversal
2021-08-10 16:51:46
Hikvision IP camera/NVR - Remote Command Execution
2021-10-29 08:17:09
mskb
mskb
kaspersky
kaspersky
KLA12103 ACE vulnerabilities in Microsoft Exchange Server
2021-03-02 00:00:00
prion
prion
Path traversal
2021-04-29 15:15:00
Privilege escalation
2021-03-11 16:15:00
Command injection
2021-09-22 13:15:00
nvd
nvd
cisa_kev
cisa_kev
Arcadyan Buffalo Firmware Path Traversal Vulnerability
2021-11-03 00:00:00
Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability
2021-11-03 00:00:00
Sitecore XP Remote Command Execution Vulnerability
2022-03-25 00:00:00
cve
cve
exploitdb
exploitdb
HughesNet HT2000W Satellite Modem - Password Reset
2024-08-24 00:00:00
Hikvision Web Server Build 210702 - Command Injection
2021-10-25 00:00:00
metasploit
metasploit
ManageEngine ADSelfService Plus CVE-2021-40539
2021-11-24 01:05:09
Hikvision IP Camera Unauthenticated Command Injection
2022-02-19 21:13:24
Sitecore Experience Platform (XP) PreAuth Deserialization RCE
2021-11-11 22:42:58
cvelist
cvelist
CVE-2021-20090
2021-04-29 00:00:00
CVE-2021-26865 Windows Container Execution Agent Elevation of Privilege Vulnerability
2021-03-11 15:38:36
CVE-2021-36260
2021-09-22 12:07:55
mscve
mscve
Windows Container Execution Agent Elevation of Privilege Vulnerability
2021-03-09 08:00:00
openvas
openvas
Hikvision IP Camera RCE Vulnerability (HSRC-202109-01) - Active Check
2022-08-24 00:00:00
Arcadyan Directory Traversal Vulnerability (Apr 2021) - Active Check
2021-08-10 00:00:00
cnvd
cnvd
Buffalo WSR-2533DHPL2 and WSR-2533DHP3 are vulnerable to path traversal
2021-04-28 00:00:00
exploitpack
exploitpack
hackerone
hackerone
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.975
Percentile
100.0%
Related for C94CBDE1-4CC5-5C06-9D18-23CAB216705E