
350 matches found

0day.today
added 2018/04/03 12:0 a.m. | 69 views

Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal Vulnerability

Exploit for java platform in category web applications. The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal RSP 1. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP...

EPSS: 0.01991
Exploits: 2

CNVD
added 2018/03/28 12:0 a.m. | 2 views

Bomgar Remote Support Portal JavaStart.jar Applet Path Traversal Vulnerability

Bomgar Remote Support Portal JavaStart.jar Applet is a suite of cross-platform remote support tools from Bomgar, USA. The tool provides remote assistance through firewalls to remote desktops, servers, POS systems and other mobile devices. A path traversal vulnerability exists in Bomgar Remote...

CVSS: 10 | AI score: 6.9 | EPSS: 0.01991
Exploits: 2 | References: 1

Prion
added 2018/03/26 9:29 p.m. | 12 views

Path traversal

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...

CVSS: 10 | AI score: 9.4 | EPSS: 0.01991
Exploits: 2 | References: 1

NVD
added 2018/03/26 9:29 p.m. | 30 views

CVE-2017-12815

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...

CVSS: 10 | AI score: 9.5 | EPSS: 0.01991
Exploits: 2 | References: 1

Cvelist
added 2018/03/26 9:0 p.m. | 28 views

CVE-2017-12815

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...

AI score: 9.5 | EPSS: 0.01991
Exploits: 2 | References: 1

CVE
added 2018/03/26 9:0 p.m. | 89 views

CVE-2017-12815

CVE-2017-12815 concerns a path traversal vulnerability in Bomgar Remote Support Portal’s JavaStart.jar Applet (versions 52790 and earlier). The underlying issue is in App.class, which uses the attacker-controlled URL parameter to construct a File() path, allowing creation/modification/deletion of...

CVSS: 10 | AI score: 9.3 | EPSS: 0.01991
Exploits: 2 | References: 1 | Affected Software: 1

0day.today
added 2018/03/02 12:0 a.m. | 39 views

DualDesk 20 - Proxy.exe Denial of Service Vulnerability

Exploit for windows platform in category dos / poc. Credits: John Page aka hyp3rlinx. Vendor: www.dualdesk.com. Product: DualDesk v20. DualDesk is powerful, easy to use remote support software that is a one-time purchase and lets your technical support staff remote assis...

CVSS: 5 | AI score: 7.6 | EPSS: 0.40671
Exploits: 5

NVD
added 2018/01/18 6:29 a.m. | 19 views

CVE-2018-0110

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which would not disable access to...

CVSS: 8.1 | AI score: 8.1 | EPSS: 0.0147
Exploits: 0 | References: 3

ATTACKERKB
added 2018/01/18 6:29 a.m. | 3 views

CVE-2018-0110

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which would not disable access to...

CVSS: 8.1 | AI score: 5.7 | EPSS: 0.0147
Exploits: 0 | References: 4

The Hacker News
added 2017/12/05 10:6 p.m. | 17 views

New TeamViewer Hack Could Allow Clients to Hijack Viewers' Computer

Do you have remote support software TeamViewer installed on your desktop? If yes, then you should pay attention to a critical vulnerability discovered in the software that could allow users sharing a desktop session to gain complete control of the other's PC without permission. TeamViewer is a...

AI score: 7.5
Exploits: 0

Prion
added 2017/12/01 5:29 p.m. | 17 views

Design/Logic Flaw

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel SSH which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

CVSS: 6 | AI score: 6.4 | EPSS: 0.00372
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2017/12/01 5:29 p.m. | 16 views

CVE-2017-6679

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel SSH which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

CVSS: 6.4 | AI score: 6.4 | EPSS: 0.00372
Exploits: 1 | References: 5

Positive Technologies
added 2017/12/01 12:0 a.m. | 3 views

PT-2017-4252 · Cisco · Cisco Umbrella +1

Name of the Vulnerable Software and Affected Versions: Cisco Umbrella Virtual Appliance versions prior to 2.1.0; Cisco Umbrella affected versions not specified. Description: The issue is related to errors in resource release in the web interface of the Cisco Umbrella security service. Exploitation ...

CVSS: 6.4 | AI score: 6.4 | EPSS: 0.00372
Exploits: 1 | References: 7

Cvelist
added 2017/12/01 12:0 a.m. | 22 views

CVE-2017-6679

The Cisco Umbrella Virtual Appliance Version 2.0.3 and prior contained an undocumented encrypted remote support tunnel SSH which auto initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters. These tunnels were primarily leveraged for remote support and allowed for...

AI score: 6.4 | EPSS: 0.00372
Exploits: 1 | References: 5

CVE
added 2017/12/01 12:0 a.m. | 58 views

CVE-2017-6679

The CVE-2017-6679 entry covers Cisco Umbrella Virtual Appliance versions 2.0.3 and earlier, which contained an undocumented encrypted remote support tunnel (SSH) that auto-initiated from the appliance to Cisco’s SSH Hubs. This tunnel allowed authorized Cisco Umbrella personnel to access the appli...

CVSS: 6.4 | AI score: 6.4 | EPSS: 0.00372
Exploits: 1 | References: 5 | Affected Software: 1

CNVD
added 2017/10/27 12:0 a.m. | 1 views

Bomgar Remote Support DLL Hijacking Vulnerability

Bomgar Remote Support is a suite of cross-platform remote support software from Bomgar USA. The software provides remote assistance through firewalls for remote desktops, servers, POS systems and other mobile devices. A security vulnerability exists in the agent in Bomgar Remote Support, which...

CVSS: 9.3 | AI score: 7 | EPSS: 0.013
Exploits: 1 | References: 1

0day.today
added 2017/10/27 12:0 a.m. | 71 views

Bomgar Remote Support Local Privilege Escalation Vulnerability

Bomgar Remote Support suffers from a local privilege escalation vulnerability. Versions affected include 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4. Advisory Name: Bomgar Remote Support - Loc...

CVSS: 9.3 | AI score: 7.8 | EPSS: 0.013
Exploits: 1

OSV
added 2017/10/26 6:29 p.m. | 2 views

CVE-2017-5996

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...

CVSS: 7.8 | AI score: 5.8
Exploits: 0 | References: 2

Prion
added 2017/10/26 6:29 p.m. | 14 views

Design/Logic Flaw

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.013
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2017/10/26 6:29 p.m. | 18 views

CVE-2017-5996

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...

CVSS: 9.3 | AI score: 7.7 | EPSS: 0.013
Exploits: 1 | References: 2