3059 matches found
CVE-2025-7883 Eluktronics Control Center Powershell Script Command command injection
A vulnerability classified as critical has been found in Eluktronics Control Center 5.23.51.41. Affected is an unknown function of the file \AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to command injection. Attacking locally is a...
CVE-2025-7883
CVE-2025-7883 affects Eluktronics Control Center 5.23.51.41. A vulnerability in the Powershell Script Handler’s file path AiStoneService\MyControlCenter\Command enables local command injection. Exploitation requires local access; the exploit has been disclosed publicly. The root cause involves an...
Eluktronics Control Center injection vulnerability
Eluktronics Control Center is a control center software from Eluktronics, USA. An injection vulnerability exists in Eluktronics Control Center version 5.23.51.41, which originates from a command injection in the file \AiStoneService\MyControlCenter\Command in the Powershell Script Handler component...
Malicious code in avatar-handler (PyPI)
Source: kam193 c3750cf8fac7fc22334d1fb416e7f3af691425c669829dcc9857abdc1384bbb7 Code pretending to handle downloading an image, but in fact is prepared to download and execute a Powershell script image properties. No known usage ---...
MAL-2025-191685 Malicious code in avatar-handler (PyPI)
Source: kam193 c3750cf8fac7fc22334d1fb416e7f3af691425c669829dcc9857abdc1384bbb7 Code pretending to handle downloading an image, but in fact is prepared to download and execute a Powershell script image properties. No known usage ---...
Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges
Exploit Title : Microsoft Graphics Component Windows 11 Pro Build 26100+ - Local Elevation of Privileges Author: nu11secur1ty Date: 07/11/2025 --- Overview This repository contains a PowerShell script to validate whether a Windows 11 system is vulnerable to CVE-2025-49744—a critical local privile...
SharePoint Sites May Not Be Displayed When Browsing Backups
Challenge When browsing backups or backup copies, SharePoint root sites and their subsites may not be visible. Cause If a backed-up SharePoint subsite is moved between repositories using the Move-VBOEntityData cmdlet, or removed from a repository using the Remove-VBOEntityData cmdlet, the metadat...
Innovative Tunnelling and Forensic Tool Abuse: IR Tales from the Field
Rapid7 Incident Response consultants Willow Shipperley and Noah Hemker contributed analysis and insight to this blog. Executive summary Rapid7’s Incident Response IR team was engaged to investigate an incident involving an attempted Cobalt Strike execution. The investigation uncovered twists and...
Remote Mouse 4.601 Privilege Escalation
Remote Mouse version 4.601 for Windows listens on UDP port 1978 and allows privilege escalation. An attacker on the same network can spawn a SYSTEM-level powershell.exe, resulting in full privilege escalation without authentication or user interaction. Exploit Title: Remote Mouse 4.601 - Local...
Remote Mouse 4.601 Remote Command Execution
This exploit targets Remote Mouse version 4.6.0.1 by injecting malicious UDP packets that simulate keyboard input to execute arbitrary PowerShell commands. The vulnerability exists in the way Remote Mouse processes unauthenticated UDP commands on port 1978 by sending specially crafted packets...
TouchServer 2.0.0 Remote Code Execution
TouchServer version 2.0.0 has a vulnerability that allows remote attackers to execute arbitrary commands by sending specially crafted UDP packets. This exploit delivers a PowerShell reverse shell by emulating keyboard input to trigger its download and execution. Exploit Title: TouchServer 2.0.0 -...
Malicious code in hancsv (PyPI)
Source: kam193 bb3fdca931bea8323cd7a8c2578f6d0c0594b3ea1b30df1819830168fe90983b Importing the module triggers downloading and executing a Powershell script. The script collects information about the host including e.g. startup applications a...
MAL-2025-191748 Malicious code in hancsv (PyPI)
Source: kam193 bb3fdca931bea8323cd7a8c2578f6d0c0594b3ea1b30df1819830168fe90983b Importing the module triggers downloading and executing a Powershell script. The script collects information about the host including e.g. startup applications a...
CVE-2025-34511
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager XM and Experience Platform XP, through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remot...
VulnCheck KEV: CVE-2025-34511
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager XM and Experience Platform XP, through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in...
Water Curse Employs 76 GitHub Accounts to Deliver Multi-Stage Malware Campaign
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. "The malware enables data exfiltration including credentials, browser data, and session tokens, remote access, and long-term...
CVE-2025-34511 Sitecore PowerShell Extension RCE via Unrestricted Upload
Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager XM and Experience Platform XP, through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remot...