Lucene search
K

117 matches found

Prion
Prion
added 2018/05/24 8:29 p.m.20 views

Remote code execution

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary progra...

7.2CVSS6.9AI score0.00459EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/05/24 8:29 p.m.7 views

CVE-2017-14187

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary progra...

6.2CVSS6.2AI score0.00459EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/05/24 8:0 p.m.12 views

CVE-2017-14187

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary progra...

7.9AI score0.00459EPSS
Exploits0References3
Fortinet
Fortinet
added 2018/05/18 12:0 a.m.73 views

FortiOS local privilege escalation via malicious use of USB storage devices

An admin user with superadmin privileges can execute an arbitrary binary contained on an USB drive plugged to a FortiGate, via linking the aforementioned binary to a command that is allowed to be run by the fnsysctl CLI command...

7.2CVSS5.1AI score0.00459EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2017/08/07 11:56 a.m.11 views

Exploit for CVE-2017-8464

CVE-2017-8464-exp-generator this tool can generate a exp for c...

9.3CVSS7.3AI score0.90026EPSS
Exploits20
The Hacker News
The Hacker News
added 2017/08/02 11:56 p.m.14 views

This is How CIA Disables Security Cameras During Hollywood-Style Operations

In last 20 years, we have seen hundreds of caper/heist movies where spies or bank robbers hijack surveillance cameras of secure premises to either stop recording or set up an endless loop for covert operations without leaving any evidence. Whenever I see such scenes in a movie, I wonder and ask...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2017/08/02 8:46 p.m.227 views

LNK Code Execution Vulnerability

This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 CVE-2015-0096. The created LNK file is similar except an additional SpecialFolderDataBlock is included. The...

8.8CVSS10AI score0.90026EPSS
Exploits27
Packet Storm
Packet Storm
added 2017/08/01 12:0 a.m.143 views

Microsoft Windows LNK Shortcut File Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LNK Remote Code Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the handling of Windows Shortcut files .LNK...

9.3CVSS6.4AI score0.90026EPSS
Exploits27
n0where
n0where
added 2017/04/10 4:25 a.m.394 views

Windows PowerShell LLMNR/NBNS spoofer: Inveigh

Windows PowerShell LLMNR/NBNS spoofer Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted...

0.2AI score
Exploits0References1
Citrix
Citrix
added 2016/09/23 12:0 a.m.12 views

How to attach USB drive as a local Storage on XenServer

To attach a USB drive as a local storage on XenServer Host...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2016/09/15 6:38 p.m.36 views

WAS - Automatic USB Drive Malware Scanning Tool For The Security-Minded Person

Author: Fabio Baroni http://www.pentest.guru/ @Fabiothebest89 How many times have you plugged in a USB drive and double clicked on a file without scanning for malware? I guess, MANY. Wait A Sec! Even if you are a security guy, you'll often be in a hurry or absent minded and you trust your USB dri...

7.4AI score
Exploits0References2
0day.today
0day.today
added 2015/09/28 12:0 a.m.23 views

My.WiFi USB Drive 1.0 iOS - File Include Vulnerability

Exploit for iOS platform in category web applications Document Title: =============== My.WiFi USB Drive v1.0 iOS - File Include Vulnerability Product & Service Introduction: =============================== My WiFi USB drive. Files can be uploaded with any browser. Start the WiFi Drive web server...

6.9AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2015/09/23 12:0 a.m.17 views

My.WiFi USB Drive v1.0 iOS - File Upload Web Vulnerability

Document Title: =============== My.WiFi USB Drive v1.0 iOS - File Upload Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1589 Release Date: ============= 2015-09-23 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2015/05/05 1:11 a.m.17 views

USBKill — Code That Kills Computers Before They Examine USBs for Secrets

USBkill — A new program that once activated, will instantly disable the laptop or computer if there is any activity on USB port. Hey Wait, don’t compare USBkill with the USB Killer stick that destroy sensitive components of a computer when plugged-in. "USBKill" is a new weapon that could be a boo...

6.7AI score
Exploits0
myhack58
myhack58
added 2015/04/30 12:0 a.m.29 views

Microsoft Windows not the USB drive overflow vulnerability-vulnerability warning-the black bar safety net

Affected system: Microsoft Windows XP SP2 Microsoft Windows XP SP1 Microsoft Windows Server 2 0 0 3 SP1 Microsoft Windows Server 2 0 0 3 Microsoft Windows ME Microsoft Windows 98se Microsoft Windows 9 8 Microsoft Windows 2000SP4 Microsoft Windows 2000SP3 Microsoft Windows 2000SP2 Microsoft Window...

1.2AI score
Exploits0
exploitpack
exploitpack
added 2015/04/21 12:0 a.m.22 views

Wifi Drive Pro 1.2 iOS - Local File Inclusion

Wifi Drive Pro 1.2 iOS - Local File Inclusion Document Title: =============== Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1447 Release Date: ============= 2015-03-13 Vulnerability Laboratory ID...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2015/03/11 1:1 p.m.142 views

Details Surface on Stuxnet Patch Bypass

It took 10 hours to find what had eluded others for close to five years. German computer science student Michael Heerklotz spent the Christmas holiday reading Countdown to Zero Day, a narrative on the discovery and impact of Stuxnet, the computer worm considered one of the first cyberweapons, and...

9.3CVSS0.7AI score0.99945EPSS
Exploits62References6
ICS
ICS
added 2014/01/20 12:0 p.m.11 views

Mariposa Botnet

Overview ICS-CERT has received reports and investigated infections of the MariposaDefence Intelligence, http://defintel.com/docs/MariposaAnalysis.pdf, website last accessed March 15, 2010. botnet, which have affected the business networks of multiple control system owners in recent months. ICS-CE...

7.3AI score
Exploits0References17
The Hacker News
The Hacker News
added 2013/10/22 12:12 p.m.10 views

Malware infected International Atomic Energy Agency Computers

Hackers and malware are everywhere, waiting for you around every corner of the Internet. The International Atomic Energy Agency IAEA, which holds highly sensitive information and plays a key role in global efforts to prevent the spread of nuclear weapons, said on Tuesday that some of its computer...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2013/09/10 12:0 a.m.20 views

D-Link DIR-505 1.06 - Multiple Vulnerabilities

D-Link DIR-505 1.06 - Multiple Vulnerabilities Multiple vulnerabilities on D-Link Dir-505 devices ================================================== ADVISORY INFORMATION Title: Multiple vulnerabilities on D-Link Dir-505 devices Discovery date: 05/04/2013 Release date: 09/09/2013 Credits: Alessand...

0.2AI score
Exploits0
Rows per page
Query Builder