CVE-2022-38125

Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager FTP Agent modules allows Exploiting Trust in Client...

PT-2023-13594 · Secomea · Secomea Sitemanager

Name of the Vulnerable Software and Affected Versions: Secomea SiteManager affected versions not specified Description: The issue is related to an Improper Restriction of Communication Channel to Intended Endpoints, which allows exploiting trust in the client. This is specifically concerning the...

Code injection

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391...

WSC2 - A WebSocket C2 Tool

WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actuel C2 server. Background information Check this blog post to get some context and insight on the developpment of th...