58 matches found
CVE-2026-25865 Punto Switcher 4.5.0.583 Unquoted Search Path via WinExec
Punto Switcher through 4.5.0.583 contains an unquoted search path element vulnerability that allows local attackers to execute arbitrary code by exploiting the application's call to WinExec without a fully qualified path for RunDll32.exe when invoking shell32.dll ControlRunDLL input.dll. Attacker...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
EUVD-2025-201265
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576 Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)
Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution...
CVE-2025-66576
CVE-2025-66576 affects Remote Keyboard Desktop 1.0.1. The vulnerability stems from the rundll32.exe export function named “export,” which allows remote attackers to execute system commands and achieve unauthenticated code execution. Public sources in the provided set reiterate the RCE impact but ...
Remotecontrolio Remote Keyboard Desktop 操作系统命令注入漏洞
Remotecontrolio Remote Keyboard Desktop is a remote control application from Remotecontrolio. An operating system command injection vulnerability exists in Remotecontrolio Remote Keyboard Desktop version 1.0.1, which stems from a flaw in the rundll32.exe export function that could lead to...
PT-2025-49152
Name of the Vulnerable Software and Affected Versions Remote Keyboard Desktop version 1.0.1 Description The software allows remote attackers to execute system commands. This is possible through the rundll32.exe exported function export, leading to unauthenticated code execution. Recommendations A...
📄 Microsoft Windows 10 Famille 10.0.19045.5487 (rundll32) Privilege Escalation
Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a rundll32 related privilege escalation vulnerability. ============================================================================================================================================= | Title : Microsoft Windows 10...
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have shed light on a new campaign that has likely targeted the Russian automobile and e-commerce sectors with a previously undocumented .NET malware dubbed CAPI Backdoor. According to Seqrite Labs, the attack chain involves distributing phishing emails containing a ZIP...
Microsoft Windows Defender - Detection Mitigation Bypass TrojanWin32Powessere.G
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART3.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART2.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Microsoft Windows Defender / Detection Bypass Part 3
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSDEFENDERTROJAN.WIN32.POWESSERE.GMITIGATIONBYPASSPART3.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Windows Defender...
Metasploit Weekly Wrap-Up 02/16/2024
New Fetch Payload It has been almost a year since Metasploit released the new fetch payloads and since then, 43 of the 79 exploit modules have had support for fetch payloads. The original payloads supported transferring the second stage over HTTP, HTTPS and FTP. This week, Metasploit has expanded...
SMB Fetch, Windows Meterpreter Shell, Bind TCP Inline (x64)
Fetch and execute an x64 payload from an SMB server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/smb/x64/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set...
SMB Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an SMB server. Connect back to the attacker Module Options msf use payload/cmd/windows/smb/x64/vncinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and se...
SMB Fetch, Windows shellcode stage, Windows x64 Bind Named Pipe Stager
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a pipe connection Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindnamedpipe msf payloadbindnamedpipe show actions ...actions... msf payloadbindnamedpipe set ACTION msf...
SMB Fetch, Windows shellcode stage, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an SMB server. Custom shellcode stage. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/smb/x64/custom/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf...
SMB Fetch, Reverse TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an SMB server. Connect back to the attacker with UUID Support Windows x64 Module Options msf use payload/cmd/windows/smb/x64/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...