Remote Code Execution (RCE)
gitlab is vulnerable to Remote Code Execution (RCE). The vulnerability exists due to the improper access control in the CI/CD cache mechanism of the library, which allows an attacker with developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches...
CVE-2023-37903
CVE-2023-37903 — vm2 (Node.js sandbox) Affected: vm2 versions up to and including 3.9.19, which is an open-source VM/sandbox for Node.js. Root cause: The library’s sandbox escape can be triggered via the Node.js custom inspect function, enabling an attacker to escape the sandbox and execute code ...
Metasploit Weekly Wrap up
It’s open season on Openfire with a new RCE module in Metasploit. This week the Metasploit framework saw the addition of an RCE module which exploits a path traversal vulnerability in the instant messaging and group chat server, Openfire. The module was submitted by the one and only community...
CISA: You've got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical unauthenticated remote code execution (RCE) vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that...
Exploit for Code Injection in Apache Airflow
Apache Airflow official report description says: A vulnerab...
Perch v3.2 - Remote Code Execution Exploit
Exploit Title: Perch v3.2 - Remote Code Execution (RCE) Application: Perch Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://grabaperch.com/ Software Link: https://grabaperch.com/download Date of found: 21.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & POC...
CVE-2023-37165
Millhouse-Project v1.414 was discovered to contain a remote code execution (RCE) vulnerability via the component /add_post_sql.php...
CVE-2023-38203 Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE
Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...
Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells
SUMMARY Update September 6, 2023: This Cybersecurity Advisory has been updated with new tactics, techniques, and procedures (TTPs) as well as indicators of compromise (IOCs) received from an additional victim and trusted third parties. Update End The Cybersecurity and Infrastructure Security Agency...
A Few More Reasons Why RDP is Insecure (Surprise!)
If it seems like Remote Desktop Protocol (RDP) has been around forever, it's because it has, at least compared to the many technologies that rise and fall within just a few years. The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Windows NT 4.0 Terminal...
Blackcat CMS 1.4 Shell Upload
Exploit Title: Blackcat Cms v1.4 - Remote Code Execution (RCE) Application: blackcat Cms Version: v1.4 Bugs: RCE Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Lin...
CVE-2023-37165
CVE-2023-37165 affects Millhouse-Project v1.414 with a remote code execution (RCE) via the /add_post_sql.php component. The CVSS v3.1 base score is 9.8 (CRITICAL) with network attack vector, low complexity, no privileges required, and high impact to confidentiality, integrity, and availability. M...
OpenBSD OpenSSH < 9.3p2 RCE Vulnerability
OpenBSD OpenSSH is prone to a remote code execution (RCE) vulnerability in OpenSSH SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.
Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference: https://portswigger.net/web-security/access-control...
CMS Made Simple 2.2.17 Remote Code Execution
Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution (RCE) Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code Execution (RCE) Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...
Openfire authentication bypass with RCE plugin
Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversal attack via the setup environment. This permitted an unauthenticated user to use the unauthenticated Openfire Setup...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
It is an exploit module for Log4j. The vulnerability class/vecto...
CVE-2023-22506
This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. This Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to modify the actions...
Remote code execution
This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. This Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to modify the actions...
Oracle Java SE Security Update (jul2023) 04 - Windows
Oracle Java SE is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...