Lucene search
K

127 matches found

Nuclei
Nuclei
added yesterday17 views

Kaseya VSA < 9.5.7 - Arbitrary File Upload to Remote Code Execution

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...

10CVSS7.4AI score0.60084EPSS
Exploits1References5
Nuclei
Nuclei
added 6 days ago19 views

Kaseya VSA < 9.5.7 - Credential Disclosure via Windows Agent

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client...

10CVSS7.5AI score0.85619EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-6494

Malware in sbrugna...

7.8CVSS7.6AI score0.01811EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2019-5685

Malware in sbrugna...

7.2CVSS6.6AI score0.00534EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-17058

Malware in sbrugna...

10CVSS8AI score0.60084EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-17060

Malware in sbrugna...

9.9CVSS8.6AI score0.05701EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 9:26 p.m.10 views

CVE-2021-30116

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client...

10CVSS6.6AI score0.85619EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:38 p.m.8 views

CVE-2021-30120

Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...

9.9CVSS7.1AI score0.05701EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:30 p.m.12 views

CVE-2021-30118

An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management RMM 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leadin...

10CVSS7.8AI score0.60084EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.9 views

CVE-2019-14510

An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx e.g., FSAdmin123456789 on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed...

7.2CVSS6.8AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.9 views

CVE-2019-15506

An issue was discovered in Kaseya Virtual System Administrator VSA through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted requests to the web application and download sensitive files and information. For example, the...

7.8CVSS6.7AI score0.01811EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.251 views

Kaseya VSA Master Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaseya VSA Master Administrator Account Creation', 'Description' = %q This module abuses the setAccount page on Kaseya VSA between 7 and 9.1 to...

9.8CVSS7.4AI score0.82102EPSS
Exploits13
BDU FSTEC
BDU FSTEC
added 2023/05/10 12:0 a.m.5 views

The vulnerability of the /InstallTab/exportFldr.asp component of the Kaseya VSA software, a virtual system administrator tool for IT systems, allows a hacker to execute arbitrary SQL code.

The vulnerability of the /InstallTab/exportFldr.asp component of the Kaseya VSA software for remote monitoring and management of IT systems is related to the lack of protection for the SQL query structure during the processing of the fldrId parameter. Exploiting this vulnerability allows an...

9CVSS8.1AI score0.72054EPSS
Exploits0References4Affected Software1
Malwarebytes
Malwarebytes
added 2023/04/13 1:30 p.m.15 views

Ransomware review: April 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

6.5AI score
Exploits0
Talos Blog
Talos Blog
added 2023/04/06 6:0 p.m.94 views

Threat Source newsletter (April 6, 2023) — Another friendly reminder about supply chain attacks

Welcome to this weeks edition of the Threat Source newsletter. It seems like we cant go a full calendar year without a major supply chain attack. In late 2020 we had the SolarWinds incident which, doesnt that somehow seem like five years ago but also yesterday?, then the REvil ransomware group...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/03 4:48 p.m.26 views

NetStandard attack should make Managed Service Providers sit up and take notice

Managed Service Providers MSPs, organizations that allow companies to outsource a variety of IT and security functions, are a growing market. Because they are a potential gateway to lots of company networks they make a very attractive target for cybercriminals. In a recent threat advisory Huntres...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/03 4:0 p.m.14 views

NetStandard attack should make Managed Service Providers sit up and take notice

Managed Service Providers MSPs, organizations that allow companies to outsource a variety of IT and security functions, are a growing market. Because they are a potential gateway to lots of company networks they make a very attractive target for cybercriminals. In a recent threat advisory Huntres...

0.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.5 views

The vulnerability of the ManagedIT.asmx component of the ConnectWise ManagedITSync plugin in the Kaseya VSA IT-infrastructure management platform allows a attacker to execute arbitrary SQL commands.

The vulnerability of the ManagedIT.asmx component of the ConnectWise ManagedITSync business management platform is related to the lack of validation for the validity of XML objects’ sequences. Exploiting this vulnerability could allow a malicious actor to execute arbitrary SQL commands through th...

10CVSS8.2AI score0.86706EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.27 views

Kaseya VSA < 9.3.0.35 / 9.4 < 9.4.0.36 / 9.5 < 9.5.0.5 RCE

The version of Kaseya VSA installed on the remote host is affected by a remote code execution vulnerability. Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January...

9.8CVSS9.2AI score0.29551EPSS
Exploits1References3
Check Point Advisories
Check Point Advisories
added 2022/05/08 12:0 a.m.8 views

Kaseya VSA Remote Code Execution (CVE-2018-20753)

A remote code execution vulnerability exists in Kaseya VSA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.9AI score0.29551EPSS
Exploits1
Rows per page
Query Builder