Adobe Connect < 12.1.5 - Local File Disclosure

Adobe Connect versions 11.4.5 and earlier, 12.1.5 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not...

F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution Exploit

This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface TMUI to upload a shell script and execute it as the Unix root user. Unix shell access is obtained by escaping the restricted Traffic Management Shell TMSH. The escape may not be reliable, and yo...

Adobe Connect 11.4.5 - Local File Disclosure Vulnerability

Title: Adobe Connect 11.4.5 - Local File Disclosure Author: h4shur date:2021.01.16-2023.02.17 CVE: CVE-2023-22232 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 11.4.5 and earlier, 12.1.5 and earlier User interaction: None Tested on...

Adobe Connect 11.4.5 / 12.1.5 Local File Disclosure

Title: adobe connect - Local File Disclosure / Download security feature bypass vulnerability Author: h4shur date:2021.01.16-2023.02.17 CVE: CVE-2023-22232 Vendor Homepage: https://www.adobe.com Software Link: https://www.adobe.com/products/adobeconnect.html Version: 11.4.5 and earlier, 12.1.5 an...

PT-2023-1470 · Adobe · Connect

Name of the Vulnerable Software and Affected Versions: Adobe Connect versions 11.4.5 and earlier Adobe Connect versions 12.1.5 and earlier Description: The issue is related to an Improper Access Control vulnerability in Adobe Connect, which could result in a Security feature bypass. An attacker...

PT-2022-10049 · Vmware +1 · Vmware Tools +1

Name of the Vulnerable Software and Affected Versions: VMware Tools for Windows versions prior to 12.1.5 Description: The issue is related to a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS can trigger a PANIC in the...

PT-2022-6136 · Vmware · Vmware Tools For Windows +1

Name of the Vulnerable Software and Affected Versions: VMware Tools for Windows versions 10.x.y through 12.1.4 VMware Tools for Windows versions 11.x.y Description: The issue is related to insufficient input validation in the VM3DMP driver of VMware Tools for Windows, which can lead to a...

F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP TMUI Directory Traversal and File Upload RCE', 'Description' = %q This module exploits a directory traversal in F5's BIG-IP Traffic...

F5 BIG-IP Buffer Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in F5 BIG-IP versions 12.1.0 through 12.1.5. An attacker can exploit the vulnerability to caus...

Design/Logic Flaw

On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors...

PT-2020-18758 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 11.6.0 through 11.6.5.1 BIG-IP versions 12.1.0 through 12.1.5 BIG-IP versions 13.1.0 through 13.1.3.1 BIG-IP versions 14.0.0 through 14.0.1 BIG-IP versions 14.1.0 through 14.1.2.2 BIG-IP versions 15.0.0 through 15.0.1.1...

Command injection

In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict...

CVE-2019-19151

On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Manager version 3.1.1, authenticated users granted TMOS Shell tmsh privileges are able access object...

CVE-2019-6681

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache MFC handling in tmrouted...

CVE-2019-6681

On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a memory leak in Multicast Forwarding Cache MFC handling in tmrouted...

CVE-2019-6654

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering As defined in RFC 1812 section 5.3.7 on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...

Design/Logic Flaw

On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering As defined in RFC 1812 section 5.3.7 on the control plane management interface. This may allow attackers on an adjacent system to force BIG-IP into processing...