14 matches found
CVE-2026-39908
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
EUVD-2026-35138
OpenBullet2 through version 0.3.2 contains an authentication bypass vulnerability in the API key authentication middleware that allows unauthenticated attackers to gain admin access by supplying an empty X-Api-Key header value. Attackers can exploit the middleware's comparison of the supplied...
CVE-2026-25559 OpenBullet2 0.3.2 Path Traversal via Wordlist Endpoint
OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can...
CVE-2026-25856
OpenBullet2 (up to version 0.3.2) contains an authenticated remote code execution vulnerability: authenticated users can create/modify job configurations to execute arbitrary C# code on the server, with access to the file system, process spawning, and arbitrary .NET APIs as the process user. The ...
CVE-2026-25855
OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...
CVE-2026-39908 OpenBullet2 0.3.2 NTLMv2 Hash Disclosure via UNC Path Proxy Source
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
CVE-2026-39908
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
CVE-2026-39908 OpenBullet2 0.3.2 NTLMv2 Hash Disclosure via UNC Path Proxy Source
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
PT-2026-47343
OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C code on the server host by creating or modifying job configurations. Attackers can leverage the plain C execution mode, which lacks reference...
PT-2026-47344
OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...
PT-2026-47342
OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...
OpenBullet2 操作系统命令注入漏洞
OpenBullet2 is a cross-platform automated testing and data scraping tool developed by the OpenBullet team. Versions of OpenBullet2 prior to 0.3.2 contained an operating system command injection vulnerability. This vulnerability originated from the FileProxySource proxy loading function, which cou...
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan RAT capable of stealing sensitive information. Bot mitigation company Kasada said the activity is designed to...
How Cybercriminals Abuse OpenBullet for Credential Stuffing
In this blog, we detail how cybercriminals exploit OpenBullet, a legitimate web-testing software, to brute-force their way into targeted accounts...