Lucene search
K

14 matches found

GithubExploit
GithubExploit
added 2026/01/13 7:24 a.m.216 views

Exploit for Path Traversal in Druva Insync_Client

CVE-2020-5752: Druva inSync Local Privilege Escalation A C-ba...

7.8CVSS7.8AI score0.08607EPSS
Exploits12
Packet Storm
Packet Storm
added 2020/12/08 12:0 a.m.301 views

Druva inSync Windows Client 6.6.3 Privilege Escalation

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....

7.2CVSS1AI score0.08607EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/12/07 12:0 a.m.614 views

Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....

7.8CVSS7.8AI score0.08607EPSS
Exploits12
0day.today
0day.today
added 2020/12/07 12:0 a.m.235 views

Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell) Exploit

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6.3 Tested on:...

7.8CVSS7.8AI score0.08607EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.46 views

Druva inSync Windows Client < 6.6.4 Privilege Escalation

The Windows Druva inSync Client Service inSyncCPHwnet64.exe contains a path traversal vulnerability that can be exploited by a local, unauthenticated attacker to execute OS commands with SYSTEM privileges. When processing RPC type 5 requests over TCP port 6064, inSyncCPHwnet64.exe does not proper...

7.8CVSS7.6AI score0.08607EPSS
Exploits12References3
0daydb
0daydb
added 2020/05/25 2:7 p.m.175 views

Druva inSync Windows Client 6.6.3 CVE-2020-5752 - Local Privilege Escalation

Druva inSync Windows Client version 6.6.3 suffers from a local privilege escalation vulnerability. Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Date: 2020-05-21 Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage:...

7.2CVSS0.6AI score0.08607EPSS
Exploits12
Exploit DB
Exploit DB
added 2020/05/22 12:0 a.m.495 views

Druva inSync Windows Client 6.6.3 - Local Privilege Escalation

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Date: 2020-05-21 Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage: druva.com Software Link:...

7.8CVSS8AI score0.08607EPSS
Exploits12
0day.today
0day.today
added 2020/05/22 12:0 a.m.174 views

Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Exploit

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....

7.8CVSS0.4AI score0.08607EPSS
Exploits12
Packet Storm
Packet Storm
added 2020/05/22 12:0 a.m.242 views

Druva inSync Windows Client 6.6.3 Local Privilege Escalation

Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Date: 2020-05-21 Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage: druva.com Software Link:...

7.2CVSS0.7AI score0.08607EPSS
Exploits12
NVD
NVD
added 2020/05/21 3:15 p.m.20 views

CVE-2020-5752

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

7.8CVSS8AI score0.08607EPSS
Exploits12References3
Cvelist
Cvelist
added 2020/05/21 2:3 p.m.50 views

CVE-2020-5752

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

8AI score0.08607EPSS
Exploits12References3
CVE
CVE
added 2020/05/21 2:3 p.m.217 views

CVE-2020-5752

CVE-2020-5752: Druva inSync Windows Client contains a path traversal vulnerability in the inSyncCPHwnet64 RPC service (port 6064) that can be exploited locally to run commands as SYSTEM on Windows 10 (x64) with inSync Client 6.6.3 and below. The RPC type 5 handling flaw enables command injection ...

7.8CVSS8AI score0.08607EPSS
Exploits12References3Affected Software1
Circl
Circl
added 2020/05/12 6:48 p.m.35 views

CVE-2020-5752

creationtimestamp| type| source ---|---|--- 2020-05-12 18:48:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/druvainsyncinsynccphwnet64rcptype5privesc.rb 2020-05-22 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48505...

7.8CVSS7.7AI score0.08607EPSS
Exploits12References2
Metasploit
Metasploit
added 2020/05/06 2:9 p.m.415 views

Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.6.3 and prior do not properly validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This module has been tested...

7.8CVSS7.9AI score0.08607EPSS
Exploits18
Rows per page
Query Builder