6 matches found
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...
CVE-2024-28741
Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component...
CVE-2024-28741
creationtimestamp| type| source ---|---|--- 2024-03-15 20:28:11+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10152 2024-04-08 07:45:52+00:00| seen| https://t.me/arpsyndicate/4389 2024-04-09 19:47:17+00:00| seen| https://t.me/arpsyndicate/4407 2024-05-21 19:15:48+00:00...
Exploit for CVE-2024-28741
NorthStar C2 agent RCE via stored XSS Agent RCE PoC for CVE-20...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution
Exploit Title: NorthStar C2 agent RCE via stored XSS Date: 2024-03-11 Exploit Author: @chebuya Software Link: https://github.com/EnginDemirbilek/NorthStarC2 Version: v1.0 Tested on: Ubuntu 20.04 LTS CVE: CVE-2024-28741 Description: NorthStar C2 applies insufficient sanitization on agent...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution Exploit
NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page. This cross sit...