Samsung SmartThings Hub video-core credentials videoHostUrl Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An...

Dell RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG Local Untrusted Search Path Vulnerabilities

Dell RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG are all products of Dell Inc.Dell RSA Identity Governance and Lifecycle is a suite of lifecycle management solutions; RSA Via Lifecycle and Governance is a suite of enterprise-class identity and identity...

CVE-2018-0300

A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall NGFW and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary...

CVE-2018-0304

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service DoS condition, or execute arbitrary code as root. The vulnerability exists because th...

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET packetsetring Privilege Escalation', 'Description' = %q This module exploits a...

Palo Alto Networks - readSessionVarsFromFile() Session Corruption Exploit

This Metasploit module exploits a chain of vulnerabilities in Palo Alto Networks products running PAN-OS versions prior to 6.1.19, 7.0.19, 7.1.14, and 8.0.6. This chain starts by using an authentication bypass flaw to to exploit an XML injection issue, which is then abused to create an arbitrary...

Palo Alto Networks readSessionVarsFromFile() Session Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Palo Alto Networks readSessionVarsFromFile Session Corruption', 'Description' = %q This module exploits a chain of vulnerabilities in Palo Alto...

Palo Alto Networks readSessionVarsFromFile() Session Corruption

This module exploits a chain of vulnerabilities in Palo Alto Networks products running PAN-OS versions prior to 6.1.19, 7.0.19, 7.1.14, and 8.0.6. This chain starts by using an authentication bypass flaw to to exploit an XML injection issue, which is then abused to create an arbitrary directory,...

IPVanish for macOS elevation of privilege vulnerability

IPVanish for macOS is a VPN software for anonymous access to the Internet based on the macOS platform. An elevation of privilege vulnerability exists in version 3.0.11 of IPVanish for macOS-based platforms, which stems from the 'com.ipvanish.osx.vpnhelper' LaunchDaemon implementation of the...

PrivateVPN for macOS Privilege Permission and Access Control Vulnerability

PrivateVPN for macOS is a macOS-based VPN software for anonymous access to the Internet. A privilege permission and access control vulnerability exists in PrivateVPN for macOS based platforms. The vulnerability can be exploited by an attacker to execute arbitrary code as root by sending a malicio...

PrivateVPN for macOS Privilege Permission and Access Control Vulnerability (CNVD-2018-04750)

PrivateVPN for macOS is a macOS-based VPN software for anonymous access to the Internet. A privilege permission and access control vulnerability exists in PrivateVPN for macOS-based platforms. An attacker can exploit the vulnerability by sending an XPC message to the XPC service with a...

DEBIAN-CVE-2018-6533

An issue was discovered in Icinga 2.x through 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-executed code a larger...

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...

CVE-2018-5997

An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root...

UBUNTU-CVE-2017-1000469

Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user...

WDMyCloud &lt; 2.30.165 - Multiple Vulnerabilities

WDMyCloud Multiple Vulnerabilities Vendor: Western Digital Product: WDMyCloud Version: = 2.30.165 Website: https://www.wdc.com/products/network-attached-storage.html / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,/// // /// // GulfTech Research and Development...

Palo Alto Networks PAN-OS Cookie Injection

!/bin/bash Exploit Title: Fake Cookie Injection PoC - CVE-2017-15944 Date: December 15, 2017 Description: Create a take custom cookie and then verify it. CVE: CVE-2017-15944 Author: Fernando Lagos Zerial https://twitter.com/Zerial https://blog.zerial.org https://nivel4.com Example: $ bash...

Palo Alto Networks firewalls remote root code execution(CVE-2017-15944)

This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on: PAN-OS 6.1.18 and earlier, PAN-OS...

Western Digital MyCloud PR4100 Web Management Component 'multi_uploadify' File Upload Vulnerability

The Western Digital MyCloud PR4100 is a networked cloud storage device from Western Digital.The web administration component is one of the web administration components. A security vulnerability exists in the Web administration component of the Western Digital MyCloud PR4100 version 2.30.172. An...

Palo Alto Networks Firewalls - Root Remote Code Execution

This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on: PAN-OS 6.1.18 and earlier, PAN-OS...