Lucene search
K

11 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/03/04 9:52 p.m.285 views

Metasploit Weekly Wrap-Up

This week’s Metasploit Framework release brings us seven new modules. IP Camera Exploitation Rapid7’s Jacob Baines was busy this week with two exploit modules that target IP cameras. The first module exploits an authenticated file upload on Axis IP cameras. Due to lack of proper sanitization, an...

9.3CVSS0.99869EPSS
Exploits214
Packet Storm
Packet Storm
added 2021/10/20 12:0 a.m.542 views

SonicWall SMA 10.2.1.0-17sv Password Reset

Exploit Title: SonicWall SMA 10.2.1.0-17sv - Password Reset Description: Overwrite the persistent database, resulting in password reset on reboot. Shodan Dork: https://www.shodan.io/search?query=title%3A%22Virtual+Office%22+%22Server%3A+SonicWall%22 Date: 10/19/2021 Exploit Author: Jacob Baines...

6.4CVSS0.1AI score0.80701EPSS
Exploits4
Rapid7 Blog
Rapid7 Blog
added 2021/08/13 6:25 p.m.331 views

Metasploit Wrap-Up

Print Driver PrivEsc If you attended DEF CON last week, you may have seen this talk on print driver vulnerabilities from Metasploit community contributor Jacob Baines. In the spirit of Friday the 13th, we're highlighting some of these "print nightmares" again, in the form of two new Metasploit...

7.5CVSS9.9AI score0.95355EPSS
Exploits12
Rapid7 Blog
Rapid7 Blog
added 2021/08/06 8:26 p.m.64 views

Metasploit Wrap-Up

Desert heat not the 1999 film This week was more quiet than normal with Black Hat USA and DEF CON, but that didn’t stop the team from delivering some small enhancements and bug fixes! We are also excited to see two new modules 15519 and 15520 from researcher Jacob Baines’ DEF CON talk ​​Bring You...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/17 12:0 a.m.181 views

Cisco IP Phone 11.7 - Denial of service (PoC)

Exploit Title: Cisco IP Phone 11.7 - Denial of Service PoC Date: 2020-04-15 Exploit Author: Jacob Baines Vendor Homepage: https://www.cisco.com Software Link: https://www.cisco.com/c/en/us/products/collaboration-endpoints/ip-phones/index.html Version: Before 11.71 Tested on: Cisco Wireless IP Pho...

10CVSS9.6AI score0.83734EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/08 12:0 a.m.115 views

QNAP Netatalk 3.1.12 - Authentication Bypass

QNAP Netatalk 3.1.12 - Authentication Bypass Exploit Title: QNAP Netatalk Authentication Bypass Date: 12/20/2018 Original Exploit Author: Jacob Baines Modifications for QNAP devices: Mati Aharoni Vendor Homepage: http://netatalk.sourceforge.net/ Software Link:...

10CVSS0.4AI score0.86539EPSS
Exploits10
Packet Storm
Packet Storm
added 2018/12/21 12:0 a.m.135 views

Netatalk Authentication Bypass

Exploit Title: Netatalk Authentication Bypass Date: 12/20/2018 Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS x8664 CVE : CVE-2018-1160 Advisory:...

0.4AI score0.86539EPSS
Exploits10
Debian
Debian
added 2018/12/20 6:6 p.m.32 views

[SECURITY] [DSA 4356-1] netatalk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4356-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq -...

10CVSS2.5AI score0.86539EPSS
Exploits10
exploitpack
exploitpack
added 2018/10/10 12:0 a.m.159 views

MicroTik RouterOS 6.43rc3 - Remote Root

MicroTik RouterOS 6.43rc3 - Remote Root / Exploit Title: RouterOS Remote Rooting Date: 10/07/2018 Exploit Author: Jacob Baines Vendor Homepage: www.mikrotik.com Software Link: https://mikrotik.com/download Version: Longterm: 6.30.1 - 6.40.7 Stable: 6.29 - 6.42 Beta: 6.29rc1 - 6.43rc3 Tested on:...

6.4CVSS8.8AI score0.96087EPSS
Exploits23
0day.today
0day.today
added 2018/07/10 12:0 a.m.297 views

Oracle WebLogic 12.1.2.0 RMI Registry UnicastRef Object Java Deserialization Remote Code Execution

Exploit for multiple platform in category web applications !/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = ''' --------------------------------------------------------------------------------------...

7.5CVSS9.2AI score0.97301EPSS
Exploits15
ICS
ICS
added 2017/05/02 12:0 a.m.57 views

CyberVision Kaa IoT Platform

CVSS v3 6.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: CyberVision Equipment: Kaa IoT Platform Vulnerability: Code Injection AFFECTED PRODUCTS The following version of Kaa IoT Platform, a middleware platform, is affected: Kaa IoT Platform, Version 0.7.4, and possibly othe...

8.8CVSS9.2AI score0.03495EPSS
Exploits0References3
Rows per page
Query Builder