12164 matches found
Open WebUI 'LDAP Empty Password' - Authentication Bypass
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate that the submitted password is non-empty before performing a Simple Bind against the LDAP server. The LdapForm Pydantic model accep...
CVE-2026-15694
The CVE covers Tenda BE12 Pro (v16.03.66.23). A stack-based overflow exists in the SetIpBind function (fromSetIpBind) when processing the argument page of /goform/SetIpBind. This vulnerability can be triggered remotely, and public exploits are reported. The impact is consistent with a high-severi...
Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10566 Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Linux dup2 Command Shell, Bind TCP Stager
dup2 socket in s1, then execve. Listen for a connection Module Options frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 256 include...
Linux dup2 Command Shell, Bind TCP Stager
dup2 socket in s1, then execve. Listen for a connection Module Options frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 264 include...
FTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline
Fetch and execute an x86 payload from an FTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options...
FTP Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socket...
FTP Fetch, Windows x64 IPv6 Bind TCP Stager
Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline (x64)
Fetch and execute an x64 payload from an FTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...
FTP Fetch, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Listen for a connection with UUID Support Windows x64 Module Options...
FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP include...
FTP Fetch, Windows x64 IPv6 Bind TCP Stager
Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options...
FTP Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an FTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socket...
FTP Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Bind TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for a connection Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include Msf::Payload::Adapter::Fetch::FTP...
FTP Fetch, Windows Upload/Execute, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options This module requires Metasploit: https://metasploit.com/download Current source:...
FTP Fetch, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Listen for a connection with UUID Support Windows x86 Module Options...
FTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options...