146 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-26529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mgtlsinit function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 compiled with mbedTLS support is vulnerable to remote OOB write attack via connection...
HTTPS Fetch, Windows Command Shell, Find Tag Ordinal Stager
Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Use an established connection Module Options msf use payload/cmd/windows/https/x86/shell/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options...
HTTPS Fetch
Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x86/speakpwned msf payloadspeakpwned show actions ...actions... msf payloadspeakpwned set ACTION msf payloadspeakpwned show options ...show and set options... msf payloadspeakpwned run This...
HTTPS Fetch, Windows Command Shell, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/shell/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf...
HTTPS Fetch, Windows Command Shell, Bind TCP Stager (Windows x86)
Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for a connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show...
HTTPS Fetch, Hidden Bind Ipknock TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The sock...
HTTPS Fetch
Fetch and execute an x86 payload from an HTTPS server. Module Options msf use payload/cmd/windows/https/x86/powershellreversetcpssl msf payloadpowershellreversetcpssl show actions ...actions... msf payloadpowershellreversetcpssl set ACTION msf payloadpowershellreversetcpssl show options ...show a...
HTTPS Fetch, Hidden Bind TCP Stager
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf...
GO-2026-4289 CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages in github.com/coredns/coredns
CoreDNS gRPC/HTTPS/HTTP3 servers lack resource limits, enabling DoS via unbounded connections and oversized messages in github.com/coredns/coredns...
CVE-2025-14299
The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...
CVE-2025-14299
The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...
CVE-2025-14299
CVE-2025-14299 affects TP-LINK Tapo C200 V3’s HTTPS server. The flaw is improper validation of the Content-Length header, which can trigger an integer overflow and cause excessive memory allocation, leading to a denial of service. An unauthenticated attacker on the same local network can craft HT...
CVE-2025-14299 Improper Content-Length Validation in HTTPS Requests on Tapo C200
The HTTPS server on Tapo C200 V3 does not properly validate the Content-Length header, which can lead to an integer overflow. An unauthenticated attacker on the same local network segment can send crafted HTTPS requests to trigger excessive memory allocation, causing the device to crash and...
PT-2025-52531
Name of the Vulnerable Software and Affected Versions Tapo C200 V3 affected versions not specified Description The device’s HTTPS server does not correctly validate the Content-Length header, leading to an integer overflow. An attacker on the same local network can send specially crafted HTTPS...
EUVD-2017-12053
Malware in sbrugna...
EUVD-2021-13333
Malware in sbrugna...
EUVD-2012-2535
Malware in sbrugna...
EUVD-2021-13334
Malware in sbrugna...
EUVD-2016-6709
Malware in sbrugna...
EUVD-2017-12052
Malware in sbrugna...