BYOB 安全漏洞

BYOB Build Your Own Botnet is an open source post-development framework for students, researchers and developers by malwaredllc individual developers. A security vulnerability exists in version 2.0 of BYOB, which stems from the inclusion of an arbitrary file write issue...

CVE-2024-45256

CVE-2024-45256 affects BYOB (Build Your Own Botnet) 2.0. The issue is an arbitrary file write in the exfiltration endpoint (file_add in api/files/routes.py) that lets unauthenticated attackers overwrite SQLite databases and bypass authentication via a crafted HTTP parameter. Several sources confi...

PT-2024-31512 · Byob · Byob

Name of the Vulnerable Software and Affected Versions: BYOB Build Your Own Botnet version 2.0 Description: An arbitrary file write issue in the exfiltration endpoint allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview luigi is a package that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, handling failures, command line integration, and much more. Affected versions of this package are vulnerable to Arbitrary File Write via Archive...

PT-2024-6180 · Nginx · Nginx Agent

Name of the Vulnerable Software and Affected Versions: NGINX Agent affected versions not specified Description: The issue is related to the config dirs function of the NGINX Agent and NGINX Instance Manager platform, which allows an attacker to upload arbitrary files outside the intended director...

GO-2022-0805 github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip) in github.com/u-root/u-root

github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction Zip Slip in github.com/u-root/u-root...

GO-2022-0799 Arbitrary File Write via Archive Extraction in mholt/archiver in github.com/mholt/archiver

Arbitrary File Write via Archive Extraction in mholt/archiver in github.com/mholt/archiver...

GO-2022-0647 Arbitrary File Write in Libcontainer in github.com/docker/docker

Arbitrary File Write in Libcontainer in github.com/docker/docker...

GO-2022-0351 Arbitrary file write in nats-server in github.com/nats-io/nats-server

Arbitrary file write in nats-server in github.com/nats-io/nats-server...

GO-2023-2055 Terraform allows arbitrary file write during the `init` operation in github.com/hashicorp/terraform

Terraform allows arbitrary file write during the init operation in github.com/hashicorp/terraform...

GO-2023-2006 1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel

1Panel arbitrary file write vulnerability in github.com/1Panel-dev/1Panel...

PT-2024-30558 · Unknown · Mobile Security Framework

Name of the Vulnerable Software and Affected Versions: Mobile Security Framework MobSF versions prior to 4.0.7 Description: The issue is related to a flaw in the Static Libraries analysis section of MobSF, specifically during the extraction of .a extension files. The measure intended to prevent Z...

Arbitrary File Write

webcrack is vulnerable to Arbitrary File Write. The vulnerability is due to improper handling of path traversal sequences in module names in within the file bundle.ts, which allows attackers to overwrite files on Windows systems when using the unpack bundles and saving features...

CVE-2024-43373

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVE-2024-43373

CVE-2024-43373 - webcrack : A Windows-specific arbitrary file write vulnerability exists in the webcrack module when processing crafted code with the unpack bundles and saving features. The root cause is a path traversal check that can be bypassed due to using POSIX path utilities, allowing an at...

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

CVE-2024-43373 webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

webcrack is a tool for reverse engineering javascript. An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving...

webcrack 安全漏洞

webcrack is a tool for reverse engineering javascript by the individual developer j4k0xb. A security vulnerability exists in webcrack that originates from an arbitrary file write vulnerability in the webcrack module when processing specially crafted malicious code on Windows systems...

GHSA-CCQH-278P-XQ6W webcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious Bundle

Summary An arbitrary file write vulnerability exists in the webcrack module when processing specifically crafted malicious code on Windows systems. This vulnerability is triggered when using the unpack bundles feature in conjunction with the saving feature. If a module name includes a path...