11 matches found
CVE-2021-47767
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
CVE-2021-47767
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
CVE-2021-47772 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)
10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse shell and execute arbitrary code on the...
CVE-2021-47772
10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse shell and execute arbitrary code on the...
CVE-2021-47772
CVE-2021-47772 affects 10-Strike Network Inventory Explorer Pro 9.31. The issue is a buffer overflow in the text file import functionality that allows remote code execution. The description notes a crafted text file can trigger a reverse shell and execute arbitrary code on the target system. Conn...
CVE-2021-47767
CVE-2021-47767 affects 10-Strike Network Inventory Explorer Pro 9.31, specifically the srvInventoryWebServer service which runs with LocalSystem privileges. The root cause is an unquoted service path, allowing an attacker to place a malicious executable in an unresolved path segment to achieve pr...
CVE-2021-47767 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalati...
10-Strike Network Inventory Explorer Pro has security vulnerabilities
10-Strike Network Inventory Explorer Pro is a network asset management and auditing tool provided by the US company 10-Strike. Version 9.31 of 10-Strike Network Inventory Explorer Pro contains a security vulnerability. This vulnerability stems from the srvInventoryWebServer service having a servi...
10-Strike Network Inventory Explorer Pro has security vulnerabilities
10-Strike Network Inventory Explorer Pro is a network asset management and auditing tool provided by the US company 10-Strike. Version 9.31 of 10-Strike Network Inventory Explorer Pro contains a security vulnerability caused by a buffer overflow in the text file import function, which may lead to...
10-Strike Network Inventory Explorer Pro 9.31 Unquoted Service Path
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path Discovery by: Brian Rodriguez Date: 04-11-2021 Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe...
10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH) Exploit
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on: Windows 10 x64...