110 matches found
CVE-2026-22093
The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...
CVE-2026-22093 Adversary-in-the-Middle (AitM) attack vulnerability in EVbee Service app
The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...
CVE-2026-22093
CVE-2026-22093 affects EVbee Service app (v1.4.101.00). The issue arises because the Android app performs TLS/HTTPS communication but does not validate the server certificate, enabling a man‑in‑the‑middle attacker on the network path to intercept and manipulate traffic. Additionally, the app is d...
FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and se...
FTP Fetch, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf...
FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...
FTP Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/upexec/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show...
CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...
CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a...
HTTPS Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... m...
HTTPS Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/upexec/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4...
HTTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTP server. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set...
HTTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/upexec/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION ms...
HTTP Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/custom/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show...
HTTP Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/custom/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
CVE-2026-27519
Binardat 10G08-0800GSM network switch firmware up to version V300SP10260209 uses RC4 with a hard-coded key embedded in client-side JavaScript. The static key enables an attacker to decrypt protected values, defeating confidentiality protections. Affected component: firmware (vulnerable RC4 implem...
CVE-2026-27519 Binardat 10G08-0800GSM Network Switch Hard-coded RC4 Encryption Key
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections...
MiracleLinux 3 : libxslt-1.1.17-2.1.2AXS3 (AXSA:2008-83:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-83:01 advisory. libxslt is a library for transforming XML files into other XML files using the standard XSLT stylesheet transformation mechanism. CVE-2008-2935: Multiple...
Amadey Exploiting Self-Hosted GitLab to Distribute StealC
Amadey Exploiting Self-Hosted GitLab to Distribute StealC By Rahul Sharma · December 18, 2025 Executive summary Amadey is a malware loader that has been active since 2018, primarily used to distribute second-stage payloads and infostealers. While Amadey has been previously known to distribute...