📄 Microsoft Event Log Remote Protocol Arbitrary File Write

This Python script demonstrates the abuse of the Microsoft Event Log Remote Protocol MS-EVEN to achieve an arbitrary file write over SMB using low-privileged credentials. By interacting with the Windows \pipe\eventlog named pipe through DCERPC, the script leverages the ElfrOpenBELW and...

PT-2024-18650 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system...

Improper access control

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

SIEMENS ROX II Elevation of Privilege Vulnerability

SIMATIC ROX II is a ROX-based VPN endpoint and firewall device for connecting devices that operate in harsh environments, such as power substations and traffic control cabinets. An elevation of privilege vulnerability exists in SIMATIC ROX II. An attacker with network access to port 22/tcp and...