3801 matches found
Gradio - Server Side Request Forgery
An SSRF Server-Side Request Forgery vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf payloadreversetcpallports se...
FTP Fetch, Windows Command Shell, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/shell/reversetcpallports msf payloadreversetcpallports show actions ...actions...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/peinject/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf payloadreversetcpallports set...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/patchupmeterpreter/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf...
FTP Fetch, Windows Upload/Execute, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcpallports msf payloadreversetcpallports show actions...
FTP Fetch, Windows shellcode stage, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf payloadreversetcpallports...
FTP Fetch, Reverse All-Port TCP Stager
Fetch and execute an x86 payload from an FTP server. Try to connect back to the attacker, on all possible ports 1-65535, slowly Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcpallports msf payloadreversetcpallports show actions ...actions... msf payloadreversetcpallports se...
CVE-2026-59882
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.3, Uri::assertValidHost does not reject URI host components containing authority delimiters, embedded ports, or malformed IPv6 brackets, allowing Uri::getHost to disagree with the URI authority used for security ...
CVE-2026-15063
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...
CVE-2026-15063
The CVE-2026-15063 affects the gorch service in the trustyai-service-operator. The issue is that, even with authentication enabled, gorch exposes unproxied orchestrator and detector metrics ports, reachable from any pod on the cluster network. This bypasses kube-rbac-proxy authentication, enablin...
CVE-2026-15063 Trustyai-service-operator: trustyai service operator: gorch port bypass when auth is enabled
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing th...
CVE-2026-57851
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
EUVD-2026-37801
Steeltoe vulnerable to management-port isolation bypass via spoofed Host header...
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
In this article 1. Attack chain overview 2. Mitigation and protection guidance 3. References 4. Learn more Microsoft Threat Intelligence has identified an active multi-stage intrusion campaign targeting organizations in the hospitality and hotel industry since April 2026. We’ve observed this...
CVE-2026-53220
In the Linux kernel, the following vulnerability has been resolved: netfilter: revalidate bridge ports ebtredirecttg dereferences brportgetrcu return without a NULL check, causing a kernel panic when the bridge port has been removed between the original hook invocation and an NFQUEUE reinject. A...
CVE-2026-12490
When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...