EUVD-2024-24880

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

Linux Distros Unpatched Vulnerability : CVE-2026-31711

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: server: fix activenumconn leak on transport allocation failure Commit 77ffbcac4e56 smb: server: fix leak of activenumconn in ksmbdtcpnewconnection address...

📄 MikroTik RouterOS 6.40.10 Denial of Service

This exploit targets a vulnerability in the MikroTik RouterOS SMB service, allowing remote attackers to crash the SMB process and render services unavailable. Specially crafted SMB packets trigger an abnormal condition, leading to a denial of service, requiring manual restart or reboot of the...

EUVD-2002-0280

Malware in sbrugna...

smb_exploitation_tool

python3.13 smbe...

PT-2023-3411 · Cloudflare · Cloudflare Warp Client For Windows

Name of the Vulnerable Software and Affected Versions: Cloudflare WARP client for Windows versions up to 2023.3.381.0 Description: The issue is related to insufficient access control policy on an IPC Named Pipe, allowing a malicious actor to remotely access the warp-svc.exe binary. This could...

Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Vanja Svajcer. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its line of products and software, the most in a single Patch Tuesday in four months. This batch of updates also includes a fix for a new vulnerability in the...

Exploit for CVE-2022-26809

CVE-2022-26809WIP This repo just simply research for the...

Threat Analysis: CVE-2020-0796 – EternalDarkness (ghostSMB)

On March 10, 2020 analysis of a SMB vulnerability was inadvertently shared, under the assumption that Microsoft was releasing a patch for that vulnerability CVE-2020-0796. As of March 12, Microsoft has since released a patch for CVE-2020-0796, which is a vulnerability specifically affecting SMB3...

SMBGhost – Analysis of CVE-2020-0796

ARCHIVED STORY SMBGhost – Analysis of CVE-2020-0796 By Eoin Carrol - March 12, 2020 The Vulnerability The latest vulnerability in SMBv3 is a “wormable” vulnerability given its potential ability to replicate or spread over network shares using the latest version of the protocol SMB 3.1.1. As of...

get_Team_Pass - Get Teamviewer's ID And Password From A Remote Computer In The LAN

Get teamviewer's ID and password from a remote computer in the LAN This program gets teamviewer's ID and password from a remote computer in the LAN. Most useful for postexploitation or sysadmins Tested on windows 7 and windows 10 x86 and x64 Prerequisites You must have valid credentials on the...

Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)

Nessus was able to obtain the set of SMB2 and SMB3 dialects running on the remote host by sending an authentication request to port 139 or 445. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid106716; scriptversion"1.6";...

Samba Version

Nessus was able to obtain the samba version from the remote operating by sending an authentication request to port 139 or 445. Note that this plugin requires SMB1 to be enabled on the host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104887; scriptversion"1.2";...

SMBLoris: What You Need To Know

What's Up? Astute readers may have been following the recent news around "SMBLoris" -- a proof-of-concept exploit that takes advantage of a vulnerability in the implementation of SMB services on both Windows and Linux, enabling attackers to "kill you softly" with a clever, low-profile...

WMI Event Subscription Persistence

This module will create a permanent WMI event subscription to achieve file-less persistence using one of five methods. The EVENT method will create an event filter that will query the event log for an EVENTIDTRIGGER default: failed logon request id 4625 that also contains a specified...