EUVD-2026-3389

A reflected cross-site scripting xss vulnerability exists in the modifyAutopurgeFilter functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...

Lazy-RDP - Script For AutomRDPatic Scanning And Brute-Force

Script For AutomRDPatic Scanning And Brute-Force. Demo Video: Lazy-RDP over SSH: Script for automatic scanning of the address list for the presence of open 3389 ports, and then selecting the method and starting busting pair login / password. The script is tuned for Kali linux 2.0, Kali linux 2016...

SSL VPN : Intranet Applications connectivity break on port 3389 and port 22 after upgrade

After Update to 64.35 the SSL Client send TCP FIN ACK to the Server. This problem is not reported on 13.0.58.32, 13.0.61.48. There is no issue with accessing the Intranet Applications. 13.0.64.35, and 13.0.67.39, the connectivity to port 3389 and port 22 breaks...

Exploit for Use After Free in Microsoft

CVE-2019-0708-POC Affected versions Windows 7 Windows...

Spacelabs Xhibit Telemetry Receiver (XTR)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low skill level to exploit/Public exploits known Vendor: Spacelabs Equipment: Xhibit Telemetry Receiver Vulnerability: Improper Input Validation 2. RISK EVALUATION A remote code execution vulnerability called BlueKeep CVE-2019-0708...

Blue is a color we love but can’t Keep!

Recent reports this year revealed nearly 1 million computer systems are still vulnerable and exposed to BlueKeep in the wild. These systems are still easy targets for an unauthenticated attacker or malware to execute code leveraging this patchable vulnerability. Because so many systems are still...

Microsoft Operating Systems BlueKeep Vulnerability

Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems OSs, including both 32- and 64-bit versions, as well as all Service Pac...

Alert Windows RDP remote vulnerability POC propagation-vulnerability warning-the black bar safety net

! 0x00 description 2019 5 August 31, 360 is detected on github someone posted a lead to a remote denial of Service POC codehttps://github.com/n1xbyte/CVE-2019-0708and for windows server 2008 R2 x64 demo video, the proven POC code real and effective. An attacker can use to spread the code of the...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Goby support CVE-2019-0708 "BlueKeep" vulnerabil...

用友软件存在两处命令执行漏洞可影响内网安全

简要描述： 刚进公司几天，无意看网站发现两处小漏洞，不知道报那里，就丢乌云吧 详细说明： 翻网站的时候无意发现两处Struts 1.http://comp.yonyou.com/hr/sm/Smindex.action 2.http://comp.yonyou.com/base/par/Parindex.action 貌似是没上线的平台，但是看一下信息就知道危害了 首先，先看看服务器信息 WIN2008服务器 再看看端口 3389是直接开放的 再看看IP吧 内网，再加上3389端口是默认开放的，如果，进行端口转发，提权，那么。。。 最后看看盘符信息吧 基本全遍历。 漏洞证明：...

TPKT Client Detection

Binary data 7155.pasl...

Pakyu Cenloder Microsoft Remote Desktop Denial Of Service

Exploit Title: Pakyu Cenloder Date: March 16 2012 Author: BMario Application Link: Microsoft Terminal Services / Remote Desktop Services http://msdn.microsoft.com/en-us/library/aa383015v=vs.85.aspx Version: any Windows version before 13 Mar 2012 Platforms: Windows Bug: use after free Exploitation...

Morto Worm spreading via Remote Desktop Protocol

Morto Worm spreading via Remote Desktop Protocol Organizations large and small often make use of Remote Desktop or Terminal Services to remotely connect to Windows computers over the Internet and internally. These tools use Microsoft's RDP protocol to allow the user to operate the remote system...

Morto Worm spreading via Remote Desktop Protocol

Morto Worm spreading via Remote Desktop Protocol Organizations large and small often make use of Remote Desktop or Terminal Services to remotely connect to Windows computers over the Internet and internally. These tools use Microsoft's RDP protocol to allow the user to operate the remote system...

Windows Manage Enable Remote Desktop

This module enables the Remote Desktop Service RDP. It provides the options to create an account and configure it to be a member of the Local Administrators and Remote Desktop Users group. It can also forward the target's port 3389/tcp. This module requires Metasploit:...

By 3 3 8 9 port simple detection-vulnerability warning-the black bar safety net

Remember my first exposure to hacking techniques is 3 3 8 9 the invasion,speaking of that invasion,Ah! That's called my excitement. This feeling is simply can and the invasion of a million traffic Station is better,Oh no exaggeration to say that,because this is the first time the success of the...

Microsoft Windows Remote Desktop Protocol service input validation vulnerability

Overview An input validation error in the Microsoft Remote Desktop Protocol RDP service may allow a remote attacker to cause a denial-of-service condition. Description Microsoft describes the Remote Desktop Protocol RDP as follows.RDP is based on, and is an extension of, the T.120 protocol family...

CVE-2001-0540

CVE-2001-0540: Memory leak in Windows NT/2000 Terminal Server processing of malformed RDP requests to port 3389 leads to memory exhaustion and DoS. Affected: Windows NT/2000 Terminal Services. Root cause: memory handling during RDP request processing. Remediation: Microsoft Security Bulletin MS01...

CVE-2001-0540

Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service memory exhaustion via a large number of malformed Remote Desktop Protocol RDP requests to port 3389...