EUVD-2025-19753

Malicious code in bioql PyPI...

CVE-2025-34078

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

CVE-2025-34078

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

CVE-2025-34079

An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface default port 8443, inject arbitrary commands as externa...

CVE-2025-34079 NSClient++ Authenticated Remote Code Execution via ExternalScripts API

An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface default port 8443, inject arbitrary commands as externa...

CVE-2025-34079 NSClient++ Authenticated Remote Code Execution via ExternalScripts API

An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface default port 8443, inject arbitrary commands as externa...

CVE-2025-34079

NSClient++ 0.5.2.35 exposes an authenticated remote code execution via the ExternalScripts API when the web interface and ExternalScripts module are enabled. An attacker who has administrator credentials can authenticate to the web interface (default port 8443), inject arbitrary commands through ...

CVE-2025-34078 NSClient++ 0.5.2.35 Local Privilege Escalation via ExternalScripts and Web Interface

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

CVE-2025-34078 NSClient++ 0.5.2.35 Local Privilege Escalation via ExternalScripts and Web Interface

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

CVE-2025-34078

NSClient++ 0.5.2.35 contains a local privilege-escalation flaw when both web interface and ExternalScripts are enabled. The nsclient.ini file stores the admin password in plaintext and is readable by local users, allowing an attacker to extract the credential, authenticate to the NSClient++ web i...

PT-2025-27669 · Unknown · Nos Client

Name of the Vulnerable Software and Affected Versions: NSClient++ version 0.5.2.35 Description: A local privilege escalation issue exists when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and i...

NSClient++ 0.5.2.35 - Privilege escalation

This module allows an attacker with an unprivileged windows account to gain admin access on windows system and start a shell. For this module to work, both the NSClient++ web interface and ExternalScripts features must be enabled. You must also know where the NSClient config file is, as it is use...

NSClient++ 0.5.2.35 Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NSClient++ 0.5.2.35 - Privilege escalation', 'Description' = %q This module allows an attacker with an unprivileged windows account to gain admin...

NSClient++ 0.5.2.35 Privilege Escalation Exploit

This Metasploit module allows an attacker with an unprivileged windows account to gain admin access on windows system and start a shell. For this module to work, both the NSClient++ web interface and ExternalScripts features must be enabled. You must also know where the NSClient config file is, a...

NSClient++ 0.5.2.35 Remote Code Execution Exploit

This Metasploit module allows an attacker with knowledge of the admin password of NSClient++ to start a privileged shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled. This module requires Metasploit: https://metasploit.com/download Curre...

NSClient++ 0.5.2.35 - ExternalScripts Authenticated Remote Code Execution

This module allows an attacker with knowledge of the admin password of NSClient++ to start a privilege shell. For this module to work, both web interface of NSClient++ and ExternalScripts feature should be enabled. Module Options msf use exploit/windows/http/nscpauthenticatedrce msf...

PT-2025-27670 · Unknown · Nos Client

Name of the Vulnerable Software and Affected Versions: NSClient++ version 0.5.2.35 Description: An authenticated remote code execution issue exists when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interfac...