Lucene search
K

13 matches found

GithubExploit
GithubExploit
added 2024/03/13 8:5 p.m.289 views

Exploit for CVE-2021-38647

CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
Rapid7 Blog
Rapid7 Blog
added 2021/11/12 3:36 p.m.379 views

Metasploit Wrap-Up

Callback Hell Metasploit has now added an exploit module for CVE-2021-40449, a Windows local privilege escalation exploit caused by a use-after-free during the NtGdiResetDC callback in vulnerable versions of win32k.sys. This module can be used to escalate privileges to those of NT AUTHORITY\SYSTE...

6.8CVSS9AI score0.73381EPSS
Exploits18
0day.today
0day.today
added 2021/11/10 12:0 a.m.337 views

Microsoft OMI Management Interface Authentication Bypass Exploit

This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI management socket that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September...

9.8CVSS7.6AI score0.99723EPSS
Exploits20
Rapid7 Blog
Rapid7 Blog
added 2021/10/29 5:59 p.m.592 views

Metasploit Wrap-Up

OMIGOD It's RCE We are excited to announce that we now have a module for the OMIGOD vulnerability that exploits CVE-2021-38647 courtesy of our very own Spencer McIntyre! Successful exploitation will allow an unauthenticated attacker to gain root level code execution against affected servers. Give...

10CVSS0.6AI score0.99992EPSS
Exploits203
ThreatPost
ThreatPost
added 2021/10/18 8:55 p.m.36 views

Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?

A month ago, the FBI, CISA and the U.S. Coast Guard Cyber Command CGCYBER warned that state-backed advanced persistent threat APT actors are likely among those who’d been actively exploiting a critical flaw in a Zoho-owned single sign-on and password management tool since early August. At issue w...

8.6AI score
Exploits0References7
GithubExploit
GithubExploit
added 2021/09/22 3:20 p.m.99 views

Exploit for CVE-2021-38647

cve-2021-38647 https://github.com/corelight/CVE-2021-38647 wit...

9.8CVSS7.9AI score0.99723EPSS
Exploits19
HackRead
HackRead
added 2021/09/20 10:45 a.m.25 views

Mirai botnet exploiting Azure OMIGOD vulnerabilities

By Deeba Ahmed The infamous Mirai botnet lets threat actors use compromised devices to carry out large-scale and crippling DDoS attacks. This is a post from HackRead.com Read the original post: Mirai botnet exploiting Azure OMIGOD vulnerabilities...

3.5AI score
Exploits0
hivepro
hivepro
added 2021/09/19 1:57 p.m.10 views

Threat actors are actively exploiting OMIGOD vulnerabilities impacting Microsoft Azure

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Azure VMs using Linux management solutions with Azure Automation, Azure Automatic Update, Azure Operations Management Suite OMS, Azure Log Analytics, Azure Configuration Management, or Azure Diagnostics are affected by...

1.5AI score
Exploits0
Information Security Automation
Information Security Automation
added 2021/09/18 11:22 p.m.224 views

Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus

Hello everyone! This time, lets talk about recent vulnerabilities. Ill start with Microsoft Patch Tuesday for September 2021. I created a report using my Vulristics tool. You can see the full report here. The most interesting thing about the September Patch Tuesday is that the top 3 VM vendors...

7.5CVSS0.99999EPSS
Exploits107
GithubExploit
GithubExploit
added 2021/09/16 2:11 a.m.227 views

Exploit for CVE-2021-38647

OMIGOD Proof on Concept Exploit for CVE-2021-38647 OMIGOD F...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
Rapid7 Blog
Rapid7 Blog
added 2021/09/15 2:30 p.m.339 views

OMIGOD: How to Automatically Detect and Fix Microsoft Azure’s New OMI Vulnerability

Update: On September 16, 2021, Microsoft released an updated OMS agent v1.13.40-0 that addresses these vulnerabilities. You can download the updated version from Microsoft's GitHub repo here. In response, our team is updating the pre-built insight in InsightCloudSec to specifically look for...

7.5CVSS1.6AI score0.99723EPSS
Exploits20
Malwarebytes
Malwarebytes
added 2021/09/15 1:19 p.m.170 views

[updated] Patch now! PrintNightmare over, MSHTML fixed, a new horror appears … OMIGOD

The September 2021 Patch Tuesday could be remembered as the final patching attempt in the PrintNightmare… nightmare. The ease with which the vulnerabilities shrugged off the August patches doesn’t look to get a rerun. So far we haven’t seen any indications that this patch is so easy to circumvent...

9.3CVSS9.2AI score0.99723EPSS
Exploits58
GithubExploit
GithubExploit
added 2021/09/15 4:51 a.m.154 views

Exploit for CVE-2021-38647

CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
Rows per page
Query Builder