1429 matches found

Metasploit
added 2022/09/30 7:50 p.m., 660 views

Delinea Thycotic Secret Server Dump

This module exports and decrypts Secret Server credentials to a CSV file; it is intended as a post-exploitation module for Windows hosts with Delinea/Thycotic Secret Server installed. The Master Encryption Key (MEK) and associated IV values are decrypted from encryption.config using a static key baked...

AI score 7
Exploits 0
Tenable Nessus
added 2022/09/01 12:00 a.m., 35 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16.0.1)

The version of AOS installed on the remote host is prior to 5.16.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16.0.1 advisory. - OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of...

CVSS 9.8, AI score 7.4, EPSS 0.92128
Exploits 24, References 43
OpenVAS
added 2022/08/26 12:00 a.m., 11 views

Ubuntu: Security Advisory (USN-64-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 6.5, EPSS 0.08395
Exploits 1, References 2
BDU FSTEC
added 2022/08/17 12:00 a.m., 0 views

A vulnerability in the WebReportsApi.dll component of the Device42 data center infrastructure management software allows an attacker to obtain the encryption key.

The vulnerability in the WebReportsApi.dll component of the Device42 data center infrastructure management software lies in its use of a hard-coded cryptographic key. Exploiting this vulnerability could allow a remote attacker to obtain the encryption key...

CVSS 7.1, EPSS 0.0038
Exploits 0, References 4, Affected Software 1
Cvelist
added 2022/08/16 11:25 p.m., 20 views

CVE-2022-1400 Hardcoded encryption key IV in Exago WebReportsApi.dll

Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports, as used in the Device42 Asset Management Appliance, allows an attacker to leak session IDs and elevate privileges. This issue affects: Device42 CMDB versions prior to 18.01.00...

CVSS 7.1, AI score 9.5, EPSS 0.0038
Exploits 0, References 1
The Hacker News
added 2022/08/11 9:23 a.m., 149 views

Critical Flaws Disclosed in Device42 IT Asset Management Software

Cybersecurity researchers have disclosed multiple severe security vulnerabilities in the asset management platform Device42 that, if successfully exploited, could enable a malicious actor to seize control of affected systems. "By exploiting these issues, an attacker could impersonate other users, obtain...

AI score 2.8, EPSS 0.01174
Exploits 0
Prion
added 2022/07/20 5:15 p.m., 24 views

Hardcoded credentials

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

CVSS 7.5, AI score 9.5, EPSS 0.42928
Exploits 1, References 1, Affected Software 1
Cvelist
added 2022/07/20 4:50 p.m., 11 views

CVE-2022-34045

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption key for its configuration files at /etcro/lighttpd/www/cgi-bin/ExportAllSettings.sh...

AI score 9.8, EPSS 0.42928
Exploits 1, References 1
Metasploit
added 2022/07/16 5:42 p.m., 1852 views

Decrypt Citrix NetScaler Config Secrets

This module takes a Citrix NetScaler ns.conf configuration file as input and extracts secrets that have been stored with reversible encryption. The module supports legacy NetScaler encryption (RC4) as well as the newer AES-256-ECB and AES-256-CBC encryption types. It is also possible to decrypt...

AI score 6.9
Exploits 0
Prion
added 2022/07/13 10:15 p.m., 13 views

Deserialization of untrusted data

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file...

CVSS 7.5, AI score 9.7, EPSS 0.01773
Exploits 1, References 1, Affected Software 1
RedhatCVE
added 2022/07/13 7:14 a.m., 40 views

CVE-2022-31102

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 2.6, AI score 1.4, EPSS 0.00157
Exploits 0, References 4
NVD
added 2022/07/12 10:15 p.m., 14 views

CVE-2022-31102

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 6.1, EPSS 0.00157
Exploits 0, References 3
Prion
added 2022/07/12 10:15 p.m., 21 views

Cross site scripting

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 4.3, AI score 6, EPSS 0.00157
Exploits 0, References 3, Affected Software 1
OSV
added 2022/07/12 10:11 p.m., 36 views

GHSA-PMJG-52H9-72QV Argo CD SSO users vulnerable to Cross-site Scripting

Impact: All versions of Argo CD starting with 2.3.0 are vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This vulnerability only affects Argo CD instances which have SSO enabled. The exploit...

CVSS 2.6, AI score 5.2, EPSS 0.00157
Exploits 0, References 7
Github Security Blog
added 2022/07/12 10:11 p.m., 28 views

Argo CD SSO users vulnerable to Cross-site Scripting

Impact: All versions of Argo CD starting with 2.3.0 are vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This vulnerability only affects Argo CD instances which have SSO enabled. The exploit...

CVSS 6.1, AI score 5.6, EPSS 0.00157
Exploits 0, References 7, Affected Software 1
Cvelist
added 2022/07/12 10:05 p.m., 17 views

CVE-2022-31102 Cross-site Scripting for Argo CD single sign on users

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 2.6, AI score 6.1, EPSS 0.00157
Exploits 0, References 3
OSV
added 2022/07/12 10:05 p.m., 27 views

CVE-2022-31102 Cross-site Scripting for Argo CD single sign on users

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 2.6, AI score 5, EPSS 0.00157
Exploits 0, References 5
GitLab Advisory Database
added 2022/07/12 12:00 a.m., 34 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow an attacker to inject arbitrary JavaScript in the /auth/callback page in a victim's browser. This...

CVSS 6.1, AI score 1.4, EPSS 0.00157
Exploits 0, References 5, Affected Software 1
CNVD
added 2022/06/30 12:00 a.m., 18 views

WordPress XCloner plugin cross-site request forgery vulnerability

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; the WordPress plugin is an application plugin. Versions of the WordPress XCloner plugin prior to 4.3.6 are vulnerable to cross-site request forgery,...

CVSS 4.3, AI score 1.8, EPSS 0.00096
Exploits 2, References 1
ATTACKERKB
added 2022/06/27 9:15 a.m., 2 views

CVE-2022-0444

The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key...

CVSS 4.3, AI score 5.5, EPSS 0.00096
Exploits 2, References 2