14 matches found
EUVD-2024-54418
Malicious code in bioql PyPI...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
PT-2025-16874 · Lrqa Nettitude · Poshc2
Name of the Vulnerable Software and Affected Versions: LRQA Nettitude PoshC2 versions after commit 09ee2cf Description: The issue allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands by posing as an infected machine. Recommendations: For versions after commi...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53304
LRQA Nettitude PoshC2 is affected after commit 09ee2cf , allowing an unauthenticated attacker to connect to the C2 server and execute arbitrary commands by posing as an infected machine. The connected PT-2025-16874 note suggests a temporary workaround: restrict access to the C2 server until a pat...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53303
A remote code execution RCE vulnerability in the uploadfile function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request...
CVE-2024-53304
An issue in LRQA Nettitude PoshC2 after commit 09ee2cf allows unauthenticated attackers to connect to the C2 server and execute arbitrary commands via posing as an infected machine...
CVE-2024-53303
CVE-2024-53303 is an RCE in LRQA Nettitude PoshC2, triggered by a crafted POST to the upload_file function after commit 123db87. It requires authentication, with PoC availability noted in the analysis metrics. CVSS 3.1 base score 8.8 (HIGH); attack vector NETWORK, attack complexity LOW, privilege...
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a...
Exploit for External Control of Assumed-Immutable Web Parameter in Fortra Filecatalyst_Workflow
CVE-2024-25153 This is a proof of concept for CVE-2024-25153,...