Lucene search
K

7 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.43 views

KingScada kxClientDownload.ocx ActiveX - Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::BrowserExploitServer include...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/03/13 12:0 a.m.12 views

WellinTech Multiple Products kxClientDownload ActiveX Remote Code Execution (CVE-2013-2827)

A remote code execution vulnerability exists in WellinTech multiple products. The vulnerability exists in ClientDownload.ocx ActiveX control and is due to insufficient sanitization of ProjectURL property. A remote unauthenticated attacker can leverage this vulnerability to download and load an...

7.5AI score0.49235EPSS
Exploits5
seebug.org
seebug.org
added 2014/02/12 12:0 a.m.49 views

KingSCADA/KingGraphic远程代码执行漏洞

CVECAN ID: CVE-2013-2827 KingSCADA系列产品是基于Windows的控制、监督和数据收集应用程序。 KingSCADA、KingGraphic 3.1及之前版本处理 "ProjectURL" 属性时,ActiveX组件内出现错误,成功利用后可导致下载并执行任意代码。 0 kingview KingSCADA = 3.1 kingview KingGraphic = 3.1 厂商补丁: kingview -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.kingview.com...

7.5CVSS6.4AI score0.49235EPSS
Exploits5
Circl
Circl
added 2014/02/11 12:0 a.m.12 views

CVE-2013-2827

creationtimestamp| type| source ---|---|--- 2014-02-11 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31575 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/wellintechkingscadakxclientdownload.rb 2025-02-0...

7.5CVSS5.7AI score0.49235EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2014/02/11 12:0 a.m.42 views

KingScada - kxClientDownload.ocx ActiveX Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'KingScada kxClientDownload.ocx ActiveX Remote Code Execution', 'Description' = %q This module abuses the kxClientDownload.ocx ActiveX...

7.5CVSS7AI score0.49235EPSS
Exploits5
Metasploit
Metasploit
added 2014/02/07 12:25 a.m.46 views

KingScada kxClientDownload.ocx ActiveX Remote Code Execution

This module abuses the kxClientDownload.ocx ActiveX control distributed with WellingTech KingScada. The ProjectURL property can be abused to download and load arbitrary DLLs from arbitrary locations, leading to arbitrary code execution, because of a dangerous usage of LoadLibrary. Due to the natu...

7.5CVSS7.5AI score0.49235EPSS
Exploits5
CVE
CVE
added 2014/01/15 4:0 p.m.58 views

CVE-2013-2827

CVE-2013-2827 concerns an unresolved ActiveX control in WellinTech KingSCADA (before 3.1.2), KingAlarm&Event (before 3.1), and KingGraphic (before 3.1.2) that allows remote code execution by abusing the ProjectURL property to download and execute a DLL on a client. Root cause: insufficient saniti...

7.5CVSS7.2AI score0.49235EPSS
Exploits5References1Affected Software3
Rows per page
Query Builder