
11233 matches found

CVE
added 2018/02/09 10:0 p.m. | 42 views

CVE-2018-3607

CVE-2018-3607 relates to Trend Micro Control Manager 6.0 with a SQL injection in the XXXTreeNode method that enables remote code execution. ZDI advisories detail specific vulnerable paths (InsertSelectedTreeNodeWithACL, sp_DeleteSelectedTreeNodesByRefKey, ClearSelectedTreeNode) and note that expl...

CVSS 8.8 | AI score 9.2 | EPSS 0.14657
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2018/02/09 10:0 p.m. | 52 views

CVE-2018-3605

Concrete details available: Multiple SQL injection-based RCE vulnerabilities exist in Trend Micro Control Manager 6.0. Reports from ZDI describe flaws where user-supplied strings are not properly validated in the reporting servlet, enabling remote code execution. Affected methods include TopSensi...

CVSS 8.8 | AI score 9.2 | EPSS 0.20222
Exploits: 0 | References: 17 | Affected Software: 1
Packet Storm
added 2018/02/08 12:0 a.m. | 89 views

HPE iLO4 Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

AI score 9.2 | EPSS 0.99335
Exploits: 9
ATTACKERKB
added 2018/02/08 12:0 a.m. | 180 views

Exim SMTP server RCE via base64d

Exim SMTP email server versions before 4.90 are vulnerable to remote code execution via a vulnerability in Base64 decoding. Recent assessments: asoto-r7 at June 25, 2019 6:25pm UTC reported: There are a few PoCs for this one. Exim is a bear to setup and I wouldn’t be shocked to find unpatched...

CVSS 9.8 | AI score 4.7 | EPSS 0.82238
Exploits: 19 | References: 1
ThreatPost
added 2018/02/07 5:22 p.m. | 9 views

Google Expands Play Marketplace Bug Bounty Program

UPDATE Google is expanding the number of bounties available in its Google Play Security Reward Program, a step that comes amid a flurry of mitigation activities against malicious apps found in its official marketplace. The company introduced the program in October, in a long-awaited move...

AI score 7.6
Exploits: 0 | References: 4
Exploit DB
added 2018/02/07 12:0 a.m. | 127 views

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution

Exploit Title: Adobe Coldfusion BlazeDS Java Object Deserialization RCE Date: February 6, 2018 Exploit Author: Faisal Tameesh @DreadSystems Company: Depth Security https://depthsecurity.com Version: Adobe Coldfusion 11.0.03.292866 Tested On: Windows 10 Enterprise 10.0.15063 CVE: CVE-2017-3066...

CVSS 10 | AI score 9.5 | EPSS 0.90597
Exploits: 6
Kitploit
added 2018/02/06 1:0 p.m. | 32 views

AutoSploit - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of...

AI score 8.2
Exploits: 0 | References: 3
exploitpack
added 2018/02/05 12:0 a.m. | 68 views

HPE iLO 4 2.53 - Add New Administrator User

HPE iLO 4 2.53 - Add New Administrator User !/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP:...

CVSS 10 | AI score 0.1 | EPSS 0.99335
Exploits: 9
Exploit DB
added 2018/02/05 12:0 a.m. | 118 views

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

CVSS 10 | AI score 9.5 | EPSS 0.99335
Exploits: 9
OpenVAS
added 2018/02/02 12:0 a.m. | 171 views

Adobe Flash Player Within Google Chrome Multiple RCE Vulnerabilities - Mac OS X

Adobe Flash Player is prone to multiple remote code execution (RCE) vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 10 | AI score 9.8 | EPSS 0.89618
Exploits: 19 | References: 5
OpenVAS
added 2018/02/02 12:0 a.m. | 191 views

Microsoft IE And Microsoft Edge Flash Player Multiple RCE Vulnerabilities

Adobe Flash Player within Microsoft Edge or Internet Explorer is prone to multiple remote code execution (RCE) vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders...

CVSS 10 | AI score 9.8 | EPSS 0.89618
Exploits: 19 | References: 5
0day.today
added 2018/02/01 12:0 a.m. | 92 views

BMC Server Automation RSCD Agent - NSH Remote Command Execution Exploit

This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Note: Under Windows, non-powershell commands may need to be prefixed with 'cmd /c'. This module requires...

CVSS 5 | AI score 7.5 | EPSS 0.74618
Exploits: 8
Exploit DB
added 2018/02/01 12:0 a.m. | 185 views

BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BMC Server Automation RSCD Agent NSH Remote ' \ 'Command Execution', 'Description' = %q This module exploits a weak access control check in the B...

AI score 7.7
Exploits: 0
NVD
added 2018/01/31 8:29 p.m. | 14 views

CVE-2017-15655

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time...

CVSS 9.6 | AI score 9.8 | EPSS 0.03149
Exploits: 2 | References: 3
Prion
added 2018/01/31 8:29 p.m. | 13 views

Buffer overflow

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time...

CVSS 9.3 | AI score 9.6 | EPSS 0.03149
Exploits: 2 | References: 3 | Affected Software: 1
CVE
added 2018/01/31 8:0 p.m. | 55 views

CVE-2017-15655

CVE-2017-15655 affects the AsusWRT HTTPd server in Asus routers with firmware versions up to 3.0.0.4.376.X. The vulnerability is a buffer overflow in the HTTPd service that can lead to remote code execution with administrator privileges when an administrator visits certain pages. All vulnerable i...

CVSS 9.6 | AI score 9.7 | EPSS 0.03149
Exploits: 2 | References: 3 | Affected Software: 1
Cvelist
added 2018/01/31 8:0 p.m. | 13 views

CVE-2017-15655

Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time...

AI score 9.8 | EPSS 0.03149
Exploits: 2 | References: 3
0day.today
added 2018/01/30 12:0 a.m. | 66 views

HPE iMC 7.3 - RMI Java Deserialization Exploit

Exploit for windows platform in category remote exploits Exploit Title: HPE iMC 7.3 Java RMI Registry Deserialization RCE Vulnerability Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

CVSS 7.5 | EPSS 0.34882
Exploits: 4
Exploit DB
added 2018/01/30 12:0 a.m. | 75 views

HPE iMC 7.3 - RMI Java Deserialization

Exploit Title: HPE iMC 7.3 Java RMI Registry Deserialization RCE Vulnerability Date: 01-28-2018 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

CVSS 9.8 | AI score 9.8 | EPSS 0.34882
Exploits: 4
UbuntuCve
added 2018/01/29 5:29 p.m. | 51 views

CVE-2017-1000353

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...

CVSS 9.8 | AI score 7.7 | EPSS 0.99686
Exploits: 36 | References: 2