Lucene search
K

4 matches found

Metasploit
Metasploit
added 2024/01/24 7:49 p.m.530 views

GL.iNet Unauthenticated Remote Command Execution via the logread module.

A command injection vulnerability exists in multiple GL.iNet network products, allowing an attacker to inject and execute arbitrary shell commands via JSON parameters at the glsystemlog and glcrashlog interface in the logread module. This exploit requires post-authentication using the Admin-Token...

9.8CVSS9.2AI score0.47804EPSS
Exploits5
Metasploit
Metasploit
added 2021/01/12 5:42 p.m.175 views

CVE-2020-1170 Cloud Filter Arbitrary File Creation EOP

The Cloud Filter driver, cldflt.sys, on Windows 10 v1803 and later, prior to the December 2020 updates, did not set the IOFORCEACCESSCHECK or OBJFORCEACCESSCHECK flags when calling FltCreateFileEx and FltCreateFileEx2 within its HsmpOpCreatePlaceholders function with attacker controlled input. Th...

7.8CVSS8AI score0.13958EPSS
Exploits4
0day.today
0day.today
added 2021/01/12 12:0 a.m.100 views

Cloud Filter Arbitrary File Creation / Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in cldflt.sys. The Cloud Filter driver on Windows 10 v1803 and later, prior to the December 2020 updates, did not set the IOFORCEACCESSCHECK or OBJFORCEACCESSCHECK flags when calling FltCreateFileEx and FltCreateFileEx2 within its...

7.8CVSS8.1AI score0.13958EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/11/14 12:0 a.m.65 views

D-Link DIR-850L - OS Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'DIR-850L Unauthenticated OS Command Exec', 'Description' = %q This module leverages an unauthenticated credential disclosure...

7.4AI score
Exploits0
Rows per page
Query Builder