Exploit for CVE-2025-14018

CVE-2025-14018: NetBT e-Fatura Privilege Escalation Vulnerabil...

📄 NetBT e-Fatura 2024 Unquoted Service Path

NetBT e-Fatura 2024 suffers from an unquoted service path vulnerability. Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type:...

NetBT e-Fatura - Privilege Escalation

Exploit Title: NetBT e-Fatura - Privilege Escalation Author: Seccops Discovery Date: 2025-10-03 Vendor: https://net-bt.com.tr/e-fatura/ Tested Version: 2024 Tested on OS: Microsoft Windows Server 2019 DC Vulnerability Type: CWE-428 Unquoted Search Path or Element CVE: CVE-2025-14018 Note: Thanks...

CVE-2025-14018

CVE-2025-14018 describes an Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura prior to version 1.2.15. The root cause is unquoted configuration/file search paths that can be manipulated to redirect access to libraries. Impact per the sources is high confiden...

CVE-2025-14018 Unquoted Service Path in NetBT Consultancy's e-Fatura

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15...

PT-2025-52649

Name of the Vulnerable Software and Affected Versions NetBT Consulting Services Inc. E-Fatura versions prior to 1.2.15 Description An unquoted search path or element issue exists in NetBT Consulting Services Inc. E-Fatura. This allows leveraging or manipulating configuration file search paths,...

NetBT Consulting Services E-Fatura 代码问题漏洞

NetBT Consulting Services E-Fatura is an enterprise financial software from NetBT Consulting Services, Turkey. A code issue vulnerability exists in NetBT Consulting Services E-Fatura versions prior to 1.2.15, which stems from an un-referenced search path or element that could lead to the...

EUVD-2006-0031

Malware in sbrugna...

CVE-2020-16897

An information disclosure vulnerability exists when NetBIOS over TCP NBT Extensions NetBT improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker wou...

CVE-2020-16897 NetBT Information Disclosure Vulnerability

...

CVE-2020-16897

CVE-2020-16897 is an information-disclosure vulnerability in NetBIOS over TCP (NetBT) where objects in memory are improperly handled. An attacker who runs a crafted application could obtain information to help further compromise the system, but cannot directly execute code or elevate rights. The ...

NetBT Information Disclosure Vulnerability

An information disclosure vulnerability exists when NetBIOS over TCP NBT Extensions NetBT improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker wou...

KLA11978 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities...

Microsoft Windows: NetBIOS Node Type

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windcnetbiosnodetype.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for NetBIOS Node Type Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...

CVE-2017-0161

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain...

CVE-2017-0161

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain...

Remote code execution

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain...

CVE-2017-0161

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain...

CVE-2017-0161

CVE-2017-0161 is a Windows NetBT Session Services vulnerability described as a race condition when NetBT fails to maintain certain sequencing requirements, enabling a remote code execution in affected Windows releases. The CVE is present in Windows 7/8.1/10 and server SKUs listed in the initial d...

NetBIOS Remote Code Execution Vulnerability

A race condition that could lead to a remote code execution vulnerability exists in NetBT Session Services when NetBT fails to maintain certain sequencing requirements. To exploit the vulnerability, an attacker needs to be able to send specially crafted NetBT Session Service packets to an impacte...