4 matches found
Spray365 - Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts Office 365 / Azure AD. How is Spray365 different from the many other password spraying tools that are already available? Spray365 enables passwords to be sprayed from an "execution plan". While having a...
cxf: JMX integration is vulnerable to a MITM attack
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle MITM style attack. An...
CVE-2019-11862
The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying...
MikroTik RouterOS 6.43.12 (stable) 6.42.12 (long-term) - Firewall and NAT Bypass
MikroTik RouterOS 6.43.12 stable 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can ...