GHSA-8H53-FJGG-G42G Insufficient Verification of Data Authenticity in Async Http Client

Async Http Client aka AHC or async-http-client before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a...

Cisco Firepower Threat Defense Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)

A vulnerability in the web services interface for remote access VPN features of Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...

Cisco Adaptive Security Appliance Software Web Services Interface Privilege Escalation (cisco-sa-asaftd-mgmt-privesc-BMFMUvye)

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and...

FreeBSD : curl -- Multiple vulnerabilities (11e36890-d28c-11ec-a06f-d4c9ef517024)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 11e36890-d28c-11ec-a06f-d4c9ef517024 advisory. - Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an...

IBM: sql injection via https://setup.p2p.ihost.com/

A SQL Injection against an IBM domain was reported to IBM, analyzed and has been remediated. Thank you to exploitmsf...

F5 BIG-IP iControl Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl RCE via REST Authentication Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in the F5...

Powershell Exec, Reverse Hop HTTP/HTTPS Stager

Execute an x86 payload from a command via PowerShell. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. Module Options msf use payload/cmd/windows/powershell/meterpreter/reversehophttp msf...

Powershell Exec, Windows Reverse HTTPS Stager (wininet)

Execute an x86 payload from a command via PowerShell. Tunnel communication over HTTPS Windows wininet Module Options msf use payload/cmd/windows/powershell/meterpreter/reversehttps msf payloadreversehttps show actions ...actions... msf payloadreversehttps set ACTION msf payloadreversehttps show...

Powershell Exec, Windows Meterpreter Shell, Reverse HTTPS Inline

Execute an x86 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

Powershell Exec, Windows x64 Reverse HTTPS Stager (winhttp)

Execute an x64 payload from a command via PowerShell. Tunnel communication over HTTPS Windows x64 winhttp Module Options msf use payload/cmd/windows/powershell/x64/meterpreter/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION msf...

Powershell Exec, Windows Meterpreter Shell, Reverse HTTPS Inline (x64)

Execute an x64 payload from a command via PowerShell. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/powershell/x64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf...

Powershell Exec, Reverse HTTPS Stager with Support for Custom Proxy

Execute an x86 payload from a command via PowerShell. Tunnel communication over HTTP using SSL with custom proxy support Module Options msf use payload/cmd/windows/powershell/meterpreter/reversehttpsproxy msf payloadreversehttpsproxy show actions ...actions... msf payloadreversehttpsproxy set...

Powershell Exec, Windows x64 Reverse HTTPS Stager (winhttp)

Execute an x64 payload from a command via PowerShell. Tunnel communication over HTTPS Windows x64 winhttp Module Options msf use payload/cmd/windows/powershell/x64/vncinject/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION msf...

Powershell Exec, Windows Reverse HTTPS Stager (winhttp)

Execute an x86 payload from a command via PowerShell. Tunnel communication over HTTPS Windows winhttp Module Options msf use payload/cmd/windows/powershell/meterpreter/reversewinhttps msf payloadreversewinhttps show actions ...actions... msf payloadreversewinhttps set ACTION msf...

Powershell Exec, Windows Executable Download (http,https,ftp) and Execute

Execute an x86 payload from a command via PowerShell. Download an EXE from an HTTPS/FTP URL and execute it Module Options msf use payload/cmd/windows/powershell/downloadexec msf payloaddownloadexec show actions ...actions... msf payloaddownloadexec set ACTION msf payloaddownloadexec show options...

Powershell Exec, Reverse Hop HTTP/HTTPS Stager

Execute an x86 payload from a command via PowerShell. Tunnel communication over an HTTP or HTTPS hop point. Note that you must first upload data/hop/hop.php to the PHP server you wish to use as a hop. Module Options msf use payload/cmd/windows/powershell/dllinject/reversehophttp msf...

USN-5412-1: curl vulnerabilities

Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. CVE-2022-27780 Florian Kohnhuser discovered...

CVE-2022-30115

A vulnerability was found in curl. This issue occurs because when using its HTTP Strict Transport SecurityHSTS support, it can instruct curl to use HTTPS directly instead of using an insecure clear text HTTP step even when HTTP is provided in the URL. This flaw leads to a clear text transmission ...

CVE-2022-30115

Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or th...

Fedora: Security Advisory for curl (FEDORA-2022-3517572083)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...