14 matches found
EUVD-2024-54418
Malicious code in bioql PyPI...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
PT-2025-16874 · Lrqa Nettitude · Poshc2
Name of the Vulnerable Software and Affected Versions: LRQA Nettitude PoshC2 versions after commit 09ee2cf Description: The issue allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands by posing as an infected machine. Recommendations: For versions after commi...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53304
LRQA Nettitude PoshC2 is affected after commit 09ee2cf , allowing an unauthenticated attacker to connect to the C2 server and execute arbitrary commands by posing as an infected machine. The connected PT-2025-16874 note suggests a temporary workaround: restrict access to the C2 server until a pat...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53303
CVE-2024-53303 is an RCE in LRQA Nettitude PoshC2, triggered by a crafted POST to the upload_file function after commit 123db87. It requires authentication, with PoC availability noted in the analysis metrics. CVSS 3.1 base score 8.8 (HIGH); attack vector NETWORK, attack complexity LOW, privilege...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a...
Exploit for External Control of Assumed-Immutable Web Parameter in Fortra Filecatalyst_Workflow
CVE-2024-25153 This is a proof of concept for CVE-2024-25153,...