94 matches found
Can you use too many LOLBins to drop some RATs?
Recently, our team came across an infection attempt that stood out—not for its sophistication, but for how determined the attacker was to take a “living off the land” approach to the extreme. The end goal was to deploy Remcos , a Remote Access Trojan RAT, and NetSupport Manager , a legitimate...
CVE-2025-34181
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
CVE-2025-34179
NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...
EUVD-2025-203379
NetSupport Manager 14.12.0001 relies on a shared Gateway Key for authentication between Manager/Control, Client, and Connectivity Server components. The key is stored using a reversible encoding scheme. An attacker who obtains access to a deployed client configuration file can decode the stored...
EUVD-2025-203382
NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...
EUVD-2025-203378
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
CVE-2025-34179
NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...
CVE-2025-34181
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
CVE-2025-34181 NetSupport Manager < 14.12.0001 Authenticated Path Traversal Arbitrary File Write RCE
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
CVE-2025-34181
NetSupport Manager prior to version 14.12.0001 contains an authenticated path traversal and arbitrary file-write vulnerability in the Connectivity Server/Gateway PUTFILE handler. An attacker with a valid Gateway Key can craft a filename with directory traversal sequences to write files to arbitra...
CVE-2025-34181 NetSupport Manager < 14.12.0001 Authenticated Path Traversal Arbitrary File Write RCE
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
CVE-2025-34179 NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure
NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...
CVE-2025-34179
NetSupport Manager
CVE-2025-34179 NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure
NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...
NetSupport Manager 安全漏洞
NetSupport Manager is a remote control software from NetSupport Manager, Inc. A security vulnerability exists in NetSupport Manager versions prior to 14.12.0001, which stems from an unauthenticated SQL injection in Connectivity Server/Gateway HTTPS request processing, which could lead to the...
PT-2025-51233
NetSupport Manager 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server...
NetSupport Manager 安全漏洞
NetSupport Manager is a remote control software from NetSupport Manager, Inc. A security vulnerability exists in NetSupport Manager versions prior to 14.12.0001 that stems from the presence of an arbitrary file write in the Connectivity Server/Gateway PUTFILE request handler, which could lead to...
NetSupport Manager 安全漏洞
NetSupport Manager is a remote control software from NetSupport Manager, Inc. A security vulnerability exists in NetSupport Manager versions prior to 14.12.0001 that stems from the use of a reversible coding scheme to store a shared Gateway Key, which could lead to unauthorized access...
EUVD-2007-5038
Malware in sbrugna...
EUVD-2007-5232
Malware in sbrugna...