Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 9:19 p.m.14 views

CVE-2022-2334

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22...

7.2CVSS7.5AI score0.09501EPSS
Exploits3References1
Rapid7 Blog
Rapid7 Blog
added 2024/07/26 6:7 p.m.42 views

Metasploit Weekly Wrap-Up 07/26/2024

New module content 3 Magento XXE Unserialize Arbitrary File Read Authors: Heyder and Sergey Temnikov Type: Auxiliary Pull request: 19304 contributed by heyder Path: gather/magentoxxecve202434102 AttackerKB reference: CVE-2024-34102 Description: This adds an auxiliary module for an XXE which resul...

9.8CVSS8.3AI score0.99994EPSS
Exploits35
0day.today
0day.today
added 2024/07/22 12:0 a.m.448 views

Softing Secure Integration Server 1.22 Remote Code Execution Exploit

This Metasploit module chains two vulnerabilities to achieve authenticated remote code execution against Softing Secure Integration Server version 1.22. In CVE-2022-1373, the restore configuration feature is vulnerable to a directory traversal vulnerability when processing zip files. When using t...

7.2CVSS8.2AI score0.10229EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/07/22 12:0 a.m.252 views

Softing Secure Integration Server 1.22 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zip' require 'metasploit/framework/loginscanner/softingsis' class MetasploitModule 'Softing Secure Integration Server v1.22 Remote Code Execution', 'Description...

7.2CVSS7.4AI score0.10229EPSS
Exploits3
Circl
Circl
added 2022/08/18 12:40 a.m.8 views

CVE-2022-2334

creationtimestamp| type| source ---|---|--- 2022-08-18 00:40:49+00:00| seen| https://t.me/cibsecurity/48309 2024-07-19 17:55:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/softingsisrce.rb 2025-02-06 03:13:45+00:00| seen|...

7.2CVSS7.2AI score0.09501EPSS
Exploits3References3
Cvelist
Cvelist
added 2022/08/17 8:11 p.m.54 views

CVE-2022-2334 Softing Secure Integration Server Uncontrolled Search Path Element

The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22...

7.2CVSS8.1AI score0.09501EPSS
Exploits3References2
CVE
CVE
added 2022/08/17 8:11 p.m.70 views

CVE-2022-2334

CVE-2022-2334 affects Softing Secure Integration Server v1.22 and relates to an uncontrolled search path element: an attacker can place a DLL (notably wbemcomn.dll) that the server loads, enabling arbitrary code execution when the service restarts after a restore/config change. The vulnerability ...

7.2CVSS7.4AI score0.09501EPSS
Exploits3References2Affected Software6
Rows per page
Query Builder