TFTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an PPC payload from an TFTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/tftp/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show...

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an PPC payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/ppc/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...show an...

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an PPC payload from an TFTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/tftp/ppc/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sh...

Fetch MCP Server 安全漏洞

Fetch MCP Server is a context protocol server by Zach Caceres Individual Developer. A security vulnerability exists in Fetch MCP Server version 1.0.2 and prior versions, which stems from server-side request forgery and could lead to access to internal network resources...

CVE-2025-65513

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery SSRF vulnerability, which allows attackers to bypass private IP validation and access internal network resources...

CVE-2025-65513

fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery SSRF vulnerability, which allows attackers to bypass private IP validation and access internal network resources...

PT-2025-50273

Name of the Vulnerable Software and Affected Versions fetch-mcp versions 1.0.2 and earlier Description The software is susceptible to a Server-Side Request Forgery SSRF issue. This allows attackers to circumvent private IP validation and gain access to internal network resources. Recommendations...

CVE-2025-65513

CVE-2025-65513 affects fetch-mcp v1.0.2 and earlier. The vulnerability is Server-Side Request Forgery (SSRF) that allows bypassing private IP validation to reach internal network resources. Reported root cause involves the is_ip_private logic in fetch-mcp server code (notably in the MCP fetch-ser...

EUVD-2023-60078

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...

Node.js: Unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion

A vulnerability was discovered in the Fetch API of Node.js that allowed an unbounded number of links in the decompression chain for HTTP responses. This could lead to resource exhaustion, as the default maxHeaderSize allowed a malicious server to insert thousands of compression steps, resulting i...

CVE-2023-53750

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...

BIT-ENVOY-2025-64527 Envoy crashes when JWT authentication is configured with the remote JWKS fetching

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allowmissingorfailed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch...

GHSA-MP85-7MRQ-R866 Envoy crashes when JWT authentication is configured with the remote JWKS fetching

Summary Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allowmissingorfailed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch fails. Details This is caused by a re-entry bug in the JwksFetcherImpl. When the first token's JWKS...

EUVD-2025-201100

Envoy crashes when JWT authentication is configured with the remote JWKS fetching...

PT-2025-48969

Name of the Vulnerable Software and Affected Versions Envoy versions 1.33.12 through 1.36.2 Description Envoy, a high-performance edge/middle/service proxy, experiences crashes when JWT authentication is configured with remote JWKS fetching enabled, allow missing or failed is set to true, multipl...

CVE-2025-66405

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch...

CVE-2025-66405 Portkey.ai Gateway: Server-Side Request Forgery (SSRF) in Custom Host

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch...

CVE-2025-66405

Portkey.ai Gateway has an SSRF vulnerability prior to v1.14.0 where the destination baseURL is chosen from the x-portkey-custom-host header and the proxy appends the client path to fetch external resources. This can allow an attacker to make requests to arbitrary hosts, potentially leaking data f...