38 matches found
IBM i Access Client Solutions Remote Credential Theft
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/IBMIACCESSCLIENTREMOTECREDENTIALTHEFTCVE-2024-22318.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ibm.com Product IBM i Access Client Solutions Versions All...
CVE-2023-3243
CVE-2023-3243 affects Honeywell BCM-WEB version 3.3.X. The vulnerability allows an attacker to capture an authenticating hash and reuse it to create new sessions; the hash is a poorly salted MD5, enabling brute-forcing of passwords. Affected product is BCM-WEB 3.3.x, with recommendations to upgra...
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
Design/Logic Flaw
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software...
CVE-2022-24581
CVE-2022-24581 affects ACEweb Online Portal 3.5.065. The issue allows unauthenticated users to trigger SMB hash disclosure by providing the UNC path of an external SMB share during file upload, causing the victim server to reveal the username and password hash of the ACEweb Online software user. ...
Github clash 访问控制错误漏洞
Github clash is a rule-based tunnel in Go. A security vulnerability exists in Github clash, which can be exploited by embedding a malicious iframe page into a website with a crafted URL that launches the Clash Windows client and forces it to open a remote SMB share. Windows will perform NTLM...
TripSpark VEO Transportation - Blind SQL Injection
Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...
Default configuration
SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewal...
SonicWall SSO-Agent NetAPI Vulnerability allows an attacker to force SSO Agent authentication, potentially leading to firewall access control bypass
SonicWall SSO-agent default configuration uses Microsoft NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypa...
CVE-2020-13699
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either...
CVE-2020-14049
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this...
CVE-2020-9324
Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC...
CVE-2020-9324
Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC...
Design/Logic Flaw
Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC...
CVE-2020-9324
CVE-2020-9324 affects Aquaforest TIFF Server 4.0 and is described in connected sources as allowing an Unauthenticated SMB hash capture via UNC path . The vulnerability is triggered over the network (attack vector: NETWORK) with low attack complexity and no authentication required, leading to a co...
CVE-2020-9324
Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC...
Gene6 BPFTP FTP Server 2.0 - User Credentials Disclosure
Gene6 BPFTP FTP Server 2.0 - User Credentials Disclosure source: https://www.securityfocus.com/bid/2534/info G6 FTP Server now known as BPFTP Server is an internet FTP server by Gene6 If a logged in FTP user connects to an external share and submits a malformed 'size' or 'mdtm' command, the user...