14 matches found
GO-2026-4280 Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver
Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver...
GO-2025-4079 Silver has unrestricted traffic between Wireguard clients in github.com/bishopfox/sliver
Silver has unrestricted traffic between Wireguard clients in github.com/bishopfox/sliver...
GO-2023-1866 Silver vulnerable to MitM attack against implants due to a cryptography vulnerability in github.com/bishopfox/sliver
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability in github.com/bishopfox/sliver...
GO-2024-2993 Sliver Allows Authenticated Operator-to-Server Remote Code Execution in github.com/bishopfox/sliver
Sliver Allows Authenticated Operator-to-Server Remote Code Execution in github.com/bishopfox/sliver. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
CVE-2024-41111 BishopFox Sliver Authenticated Remote Code Execution
Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver version 1.6.0 prerelease is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user...
Sliver Allows Authenticated Operator-to-Server Remote Code Execution
Description Sliver version 1.6.0 prerelease is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user. Impact As described in a past issue, "there is a clear security boundary between the operator and server, an operator should not inherently b...
GHSA-HC5W-GXXR-W8X8 Sliver Allows Authenticated Operator-to-Server Remote Code Execution
Description Sliver version 1.6.0 prerelease is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user. Impact As described in a past issue, "there is a clear security boundary between the operator and server, an operator should not inherently b...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure ICS virtual private network VPN devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The security vulnerabilities, tracked as...
Weak Cryptography
github.com/bishopfox/sliver is vulnerable to weak cryptography. The vulnerability exists because it does not properly implement Nacl Box libsodium, which allows an attacker to execute arbitrary codes on implanted devices and intercept user responses...
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
Summary The current cryptography implementation in Sliver up to version 1.5.39 allows a MitM with access to the corresponding implant binary to execute arbitrary codes on implanted devices via intercepted and crafted responses. Reserved CVE ID: CVE-2023-34758 Details Please see the PoC repo. PoC...
GHSA-8JXM-XP43-QH3Q Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
Summary The current cryptography implementation in Sliver up to version 1.5.39 allows a MitM with access to the corresponding implant binary to execute arbitrary codes on implanted devices via intercepted and crafted responses. Reserved CVE ID: CVE-2023-34758 Details Please see the PoC repo. PoC...
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
The legitimate command-and-control C2 framework known as Sliver is gaining more traction from threat actors as it emerges as an open source alternative to Cobalt Strike and Metasploit. The findings come from Cybereason, which detailed its inner workings in an exhaustive analysis last week. Sliver...
U.S. Dept Of Defense: Remote Code Execution via CVE-2019-18935
Summary: The website at https://█████████/apps/XTRAHome/Telerik.Web.UI.WebResource.axd?type=rau is vulnerable to CVE-2017-11317 and CVE-2019-18935, allowing an attacker to upload arbitrary files and gain remote code execution on the underlying system. Step-by-step Reproduction Instructions 1...
Exploit for Path Traversal in Ivanti Connect_Secure
pwn-pulse.sh Exploit for Pulse Connect Secure SSL VPN arbitr...