146 matches found
PT-2024-17718 · Debian +7 · Freeipa
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned as vulnerable in the provided descriptions. Description: The issue under investigation involves privilege escalation from root to domain admin. However, it has been noted that the flaw requires ...
PT-2024-5113 · Solarwinds · Solarwinds Access Rights Manager
Name of the Vulnerable Software and Affected Versions: SolarWinds Access Rights Manager affected versions not specified Description: The SolarWinds Access Rights Manager was found to have an authentication bypass issue, allowing an unauthenticated user to gain domain admin access within the Activ...
The task you are trying to do can't be completed because Remote Desktop Services is currently busy.
Users get the following error when attempting to launch a published application. "The task you are trying to do can't be completed because Remote Desktop Services is currently busy. Please try again in a few minutes. Other users should still be able to log on." The only user that can currently...
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary...
"You must enter valid credentials" error happen when logon Director Web for some users
Some domain admin users fail to log on to the Director Web page. A "You must enter valid credentials" error occurs when logging on to Director Web for some admin users. The username and password are correct, since they can log on via the Director server VM console. An Event ID 7 warning is shown in the Director Server Application even...
ZOHO ManageEngine ADSelfService Plus Access Control Error Vulnerability
ZOHO ManageEngine ADSelfService Plus is ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. An access control error vulnerability exists in ZOHO ManageEngine ADSelfService Plus version 6113 and prior versions, which stems fro...
BackupOperatorToolkit - The BackupOperatorToolkit Contains Different Techniques Allowing You To Escalate From Backup Operator To Domain Admin
The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin. Usage: The BackupOperatorToolkit (BOT) has 4 different modes that allow you to escalate from Backup Operator to Domain Admin. Use "runas.exe /netonly /user:domain.dk\backupoperator...
CVE-2022-39945
An improper access control vulnerability (CWE-284) in FortiMail 7.2.0, 7.0.0 through 7.0.3, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an authenticated admin user assigned to a specific domain to access and modify other domains' information via insecure direct object references...
New “Prestige” ransomware impacts organizations in Ukraine and Poland
The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. We observed this new ransomware, which...
Exploit for OS Command Injection in Mailcow Mailcow: Dockerized
Mailcow CVE-2022-31138 RCE and Domain Admin privilege escalat...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...
Cisco Adaptive Security Appliance Privilege Escalation (CVE-2022-20759)
A privilege escalation vulnerability exists in Cisco Adaptive Security Appliance. Successful exploitation of this vulnerability could allow a remote attacker to easily elevate their privilege to that of a domain admin once he compromises a regular user in the domain...
CVE-2022-31245
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs...
Exploit for OS Command Injection in Mailcow Mailcow: Dockerized
Mailcow CVE-2022-31245 CVE-2022-31245: RCE and Domain Admin pr...
CVE-2021-35249
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read-only operation). This UAC issue leads to a data leak to...
CVE-2021-35249 Domain Admin Broken Access Control
This broken access control vulnerability pertains specifically to a domain admin who can access configuration & user data of other domains which they should not have access to. Please note the admin is unable to modify the data (read-only operation). This UAC issue leads to a data leak to...
BackupOperatorToDA - From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller
If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or WinRM on the Domain Controller. All credit from filipdragovic with his initial POC! I built this project because I wanted to have a more generic binary with parameters and also being...