81 matches found
Ocean Data Systems Dream Report 5 R20-2 安全漏洞
Ocean Data Systems Dream Report 5 R20-2 is an application from the French company Ocean Data Systems. A real-time reporting and charting solution. Dream Report 5 R20-2 has a security vulnerability that allows an attacker to replace the Syncfusion Dashboard Service service binary to escalate...
Rockstar Service - Insecure File Permissions
Exploit Title: Rockstar Service - Insecure File Permissions Date: 2020-04-02 Exploit Author: George Tsimpidas Software Link : https://socialclub.rockstargames.com/rockstar-games-launcher Version Patch: 1.0.37.349 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Vulnerability...
CVE-2020-13555
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In COM Server Application Privilege Escalation, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege...
CVE-2020-13552
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loaded modules to...
Advantech WebAccess/SCADA 安全漏洞
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...
Advantech WebAccess/SCADA 安全漏洞
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...
Advantech WebAccess/SCADA 安全漏洞
Advantech WebAccess/SCADA is a suite of SCADA software from Advantech based on a browser architecture. The software supports dynamic graphical displays and real-time data control, and provides the ability to remotely control and manage automation equipment. A local elevation of privilege...
Moxa MXView Local Elevation of Privilege Vulnerability
Moxa MXview is a network management software for monitoring and diagnosing industrial networks. A local elevation of privilege vulnerability exists in the file system permissions of Moxa MXView series 3.1.8. An attacker can exploit the elevation of privilege by adding code to a script or replacin...
CVE-2020-13536
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXViewService, which starts as a NT SYSTEM authority...
CVE-2020-13537
An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXViewService, which starts as a NT SYSTEM authority us...
Sourceforge Dual DHCP DNS Server Elevation of Privilege Vulnerability
Sourceforge Dual DHCP DNS Server is a Sourceforge organization to support Linux/Windows platform and can provide DHCP and DNS services of open source software. An elevation of privilege vulnerability exists in Dual DHCP DNS Server version 7.40, which stems from insufficient access restrictions in...
CVE-2020-26130
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary...
CVE-2020-26132
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary...
CVE-2020-26132
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary...
CVE-2020-26133
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary...
PT-2020-16305 · Open · Open Dhcp Server
Name of the Vulnerable Software and Affected Versions: Open DHCP Server Regular version 1.75 Open DHCP Server LDAP Based version 0.1Beta Description: The issue is related to insufficient access restrictions in the default installation directory, allowing an attacker to elevate privileges. This ca...
PT-2020-16304 · Multithreaded Studios · Open Tftp Server
Name of the Vulnerable Software and Affected Versions: Open TFTP Server multithreaded version 1.66 Open TFTP Server single port version 1.66 Description: The issue is related to insufficient access restrictions in the default installation directory of Open TFTP Server, allowing an attacker to...
CVE-2020-26132
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary...
Vulnerability in Ghisler Total Commander
There is a vulnerability in Ghisler Total Commander. The vulnerability allows a local malicious person to obtain elevated permissions by replacing the Total Commander binary. The developers of Total Commander have indicated that they will not fix the vulnerability will not be fixed. According to...
CVE-2020-17381
An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE binary...