Lucene search
K

64 matches found

Metasploit
Metasploit
added 2 days ago12 views

FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... ms...

6.2AI score
Exploits0
Metasploit
Metasploit
added 2 days ago19 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf...

6.2AI score
Exploits0
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

MAL-2026-6768 Malicious code in @marketfront/blenderdevtool (npm)

The @marketfront/blenderdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 12:0 a.m.8 views

Malicious code in @marketfront/bannerpopup (npm)

The @marketfront/bannerpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6AI score
Exploits0References2
OSV
OSV
added 2026/04/03 11:17 p.m.13 views

ALPINE-CVE-2026-34933

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...

5.5CVSS5.3AI score0.00203EPSS
Exploits1References1
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.193 views

HTTPS Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/upexec/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.180 views

HTTP Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/upexec/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 sho...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.158 views

HTTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... msf...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.154 views

HTTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/upexec/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.157 views

HTTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/peinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show options...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.82 views

HTTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/dllinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... ms...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.86 views

HTTP Fetch, Windows shellcode stage, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/custom/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show...

6AI score
Exploits0
Metasploit
Metasploit
added 2026/03/03 6:58 p.m.211 views

Linux RC4 Packer with In-Memory Execution (x86)

This evasion module packs Linux payloads using RC4 encryption and executes them from memory using memfdcreate for fileless execution. The evasion module works on systems with Linux Kernel 3.17+ due to memfdcreate support. Features: - RC4 encryption with configurable key size - Fileless execution...

5.9AI score
Exploits0
NVD
NVD
added 2026/02/24 4:24 p.m.20 views

CVE-2026-27519

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...

8.7CVSS0.00186EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/24 12:0 a.m.12 views

PT-2026-21757

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...

8.7CVSS5.4AI score0.00186EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/22 3:30 a.m.7 views

funadmin: XSS through Value argument in Backend Interface component

A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects unknown code of the file app/backend/view/index/index.html of the component Backend Interface. The manipulation of the argument Value leads to cross site scripting. The attack is possible to be...

4.8CVSS3.7AI score0.00202EPSS
Exploits1References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/21 11:2 p.m.6 views

CVE-2026-2894 funadmin forget.html getMember information disclosure

A vulnerability was identified in funadmin up to 7.1.0-rc4. Affected by this vulnerability is the function getMember of the file app/frontend/view/login/forget.html. Such manipulation leads to information disclosure. The attack may be launched remotely. The exploit is publicly available and might...

6.9CVSS5.4AI score0.004EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2026/01/22 12:0 a.m.151 views

📄 Malwarebytes Anti-Malware 2.x Privilege Escalation

This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001519)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001519 advisory. A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget...

7CVSS6.5AI score0.0031EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 4 : openssl-1.0.0-20.AXS4 (AXSA:2012-14:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-14:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

5CVSS8.2AI score0.05012EPSS
Exploits0References2
Rows per page
Query Builder