Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic wls-wsat Component Deserialization RCE', 'Description' = %q The Oracle WebLogic WLS WSAT Component is vulnerable to a XML...

HP Pagewide and OfficeJet Printers RCE Vulnerability (Jan 2018)

A potential security vulnerability has been identified with HP PageWide Printers and HP OfficeJet Pro Printers. This vulnerability could potentially be exploited to execute arbitrary code. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources...

Automattic: wpjobmanager - unserialize of user input

Vulnerability occurs in getjoblistings function to be more precise line 160 - 164 in wp-job-manager-functions.php. $result = new WPQuery $queryargs ; $cachedquery = false; settransient $queryargshash, $result, DAYINSECONDS ; e.g. you perform serialize on object that have escsql-ed values and afte...

Schneider Electric InduSoft Web Studio / InTouch Machine Edition < 8.1 RCE

Binary data scadaschneiderelectriciwsitmecve-2017-14024.nbin...

Primefaces 5.x - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2017-1000486 Primefaces Remote Code Execution Exploit', 'Description' = %q This module exploits an expression language remote code execution...

Exploit for Observable Discrepancy in Intel Atom_C

CiscoSpectreTakeover A PoC chain exploit using the recent...

MikroTik RouterOS < 6.38.5 RCE

!/usr/bin/env python2 Mikrotik Chimay Red Stack Clash Exploit by wsxarcher based on BigNerd95 POC tested on RouterOS 6.38.4 x86 ASLR enabled on libs only DEP enabled import socket, time, sys, struct from pwn import import ropgadget ASTSTACKSIZE = 0x20000 stack size per thread 128 KB SKIPSPACE =...

Oracle PeopleSoft 8.5x - Remote Code Execution

Oracle PeopleSoft 8.5x - Remote Code Execution Exploit Title: RCE vulnerability in monitor service of PeopleSoft 8.54, 8.55, 8.56 Date: 30 Oct 2017 Exploit Author: Vahagn Vardanyan Vendor Homepage: Oracle Software Link: Oracle PeopleSoft Version: 8.54, 8.55, 8.56 Tested on: Windows, Linux CVE :...

Oracle PeopleSoft 8.5x - Remote Code Execution Vulnerability

Exploit for java platform in category web applications Exploit Title: RCE vulnerability in monitor service of PeopleSoft 8.54, 8.55, 8.56 Date: 30 Oct 2017 Exploit Author: Vahagn Vardanyan Vendor Homepage: Oracle Software Link: Oracle PeopleSoft Version: 8.54, 8.55, 8.56 Tested on: Windows, Linux...

D-Link Routers 110/412/615/815 Arbitrary Code Execution

!/usr/bin/python Exploit Title: D-Link WAP 615/645/815 .?.?', 'Product Page : .?' def dlinkdetection: try: r = requests.getURL, timeout=10.00 except requests.exceptions.ConnectionError: print "Error: Failed to connect to " + URL return False if r.statuscode != 200: print "Error: " + URL + "...

Oracle PeopleSoft 8.5x Remote Code Execution

Exploit Title: RCE vulnerability in monitor service of PeopleSoft 8.54, 8.55, 8.56 Date: 30 Oct 2017 Exploit Author: Vahagn Vardanyan Vendor Homepage: Oracle Software Link: Oracle PeopleSoft Version: 8.54, 8.55, 8.56 Tested on: Windows, Linux CVE : CVE-2017-10366...

Oracle PeopleSoft 8.5x - Remote Code Execution

Exploit Title: RCE vulnerability in monitor service of PeopleSoft 8.54, 8.55, 8.56 Date: 30 Oct 2017 Exploit Author: Vahagn Vardanyan Vendor Homepage: Oracle Software Link: Oracle PeopleSoft Version: 8.54, 8.55, 8.56 Tested on: Windows, Linux CVE : CVE-2017-10366...

Remote Code Execution (RCE)

Jackson-databind is vulnerable to remote code execution RCE attacks. Attackers can exploit an incomplete fix of CVE-2017-7525 to bypass the blacklist when Spring libraries are available on the class path. In order to be vulnerable to this attack, either the use of @JsonTypeInfouse =...

Sangoma NetBorder/Vega Session Controller < 2.3.12-80-GA RCE Vulnerability - Active Check

Sangoma NetBorder/Vega Session Controller is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

HPE iMC dbman RestartDB Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE iMC dbman RestartDB Unauthenticated RCE', 'Description' = %q This module exploits a remote command execution vulnerablity in Hewlett Packard...

HPE iMC - dbman &#039;RestartDB&#039; Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE iMC dbman RestartDB Unauthenticated RCE', 'Description' = %q This module exploits a remote command execution vulnerablity in Hewlett Packard...

HPE iMC - dbman &#039;RestoreDBase&#039; Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE iMC dbman RestoreDBase Unauthenticated RCE', 'Description' = %q This module exploits a remote command execution vulnerablity in Hewlett Packa...

Microsoft Office Compatibility Pack Service Pack 3 Multiple RCE Vulnerabilities (KB4011607)

This host is missing a critical security update according to Microsoft KB4011607 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Office Compatibility Pack Service Pack 3 RCE Vulnerability (KB4011605)

This host is missing an important security update according to Microsoft KB4011605 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Word 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4011659)

This host is missing a critical security update according to Microsoft KB4011659 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...