76 matches found
CVE-2026-42075
Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabli...
CVE-2026-42075
Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabli...
CVE-2026-42075
Evolver (GEP-powered engine) contains a path traversal vulnerability in the fetch (skill download) command prior to version 1.69.3. The --out= flag accepts user-provided paths without validation, enabling an attacker to write files to arbitrary locations on the filesystem and overwrite sensitive ...
CVE-2026-42075 Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write
Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabli...
PT-2026-37049
Name of the Vulnerable Software and Affected Versions Net::IMAP versions prior to 0.4.24 Net::IMAP versions prior to 0.5.14 Net::IMAP versions prior to 0.6.4 Description Several commands in the Net::IMAP Ruby library accept raw string arguments that are sent to the server without validation or...
Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write
Summary A path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabling directory traversal attacks that can overwrite critical system files or...
GHSA-R466-RXW4-3J9J Evolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File Write
Summary A path traversal vulnerability in the skill download fetch command allows attackers to write files to arbitrary locations on the filesystem. The --out= flag accepts user-provided paths without validation, enabling directory traversal attacks that can overwrite critical system files or...
HTTPS Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/vncinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show an...
HTTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/meterpreter/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show an...
HTTP Fetch, Windows Command Shell, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/http/x86/shell/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...
HTTP Fetch, Windows Command Shell, Find Tag Ordinal Stager
Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Use an established connection Module Options msf use payload/cmd/windows/http/x86/shell/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options...
HTTP Fetch
Fetch and execute an x86 payload from an HTTP server. Module Options msf use payload/cmd/windows/http/x86/speakpwned msf payloadspeakpwned show actions ...actions... msf payloadspeakpwned set ACTION msf payloadspeakpwned show options ...show and set options... msf payloadspeakpwned run This modul...
HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/peinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show options...
HTTPS Fetch, Generic x86 Tight Loop
Fetch and execute an x86 payload from an HTTPS server. Generate a tight loop in the target process Module Options msf use payload/cmd/windows/https/x86/generic/tightloop msf payloadtightloop show actions ...actions... msf payloadtightloop set ACTION msf payloadtightloop show options ...show and s...
HTTP Fetch, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid...
HTTP Fetch
Fetch and execute an x86 payload from an HTTP server. Module Options msf use payload/cmd/windows/http/x86/powershellreversetcpssl msf payloadpowershellreversetcpssl show actions ...actions... msf payloadpowershellreversetcpssl set ACTION msf payloadpowershellreversetcpssl show options ...show and...
HTTP Fetch, Reverse TCP Stager
Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set...
HTTP Fetch, Windows Reverse HTTP Stager (winhttp)
Fetch and execute an x86 payload from an HTTP server. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/http/x86/meterpreter/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp...
HTTP Fetch
Fetch and execute an x86 payload from an HTTP server. Module Options msf use payload/cmd/windows/http/x86/loadlibrary msf payloadloadlibrary show actions ...actions... msf payloadloadlibrary set ACTION msf payloadloadlibrary show options ...show and set options... msf payloadloadlibrary run This...
HTTP Fetch, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an HTTP server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/vncinject/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentcp...