HTTP Fetch, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf...

HTTP Fetch, Windows Command Shell, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/shell/bindhiddentcp msf payloadbindhiddentcp show actions...

HTTP Fetch, Hidden Bind Ipknock TCP Stager

Fetch and execute an x86 payload from an HTTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socke...

HTTP Fetch, Windows shellcode stage, Hidden Bind Ipknock TCP Stager

Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcod...

HTTP Fetch, Hidden Bind Ipknock TCP Stager

Fetch and execute an x86 payload from an HTTP server. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get your shellcode from any IP. The socke...

HTTP Fetch, Windows shellcode stage, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Custom shellcode stage. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/custom/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf...

EUVD-2026-18400

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

EUVD-2026-18364

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

CVE-2026-34425

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft commands such as piped...

CVE-2026-34425 OpenClaw - Shell-Bleed Protection Preflight Validation Bypass

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft commands such as piped...

CVE-2026-34425

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass in the shell-bleed protection. The bypass lets attackers craft piped, subshell, or command-substitution forms that the parser fails to recognize, enabling execution of blocked script content that would otherwise be bl...

CVE-2026-34425 OpenClaw - Shell-Bleed Protection Preflight Validation Bypass

OpenClaw versions prior to commit 8aceaf5 contain a preflight validation bypass vulnerability in shell-bleed protection that allows attackers to execute blocked script content by using piped or complex command forms that the parser fails to recognize. Attackers can craft commands such as piped...

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

UBUNTU-CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

CVE-2026-35386

OpenSSH CVE-2026-35386 affects OpenSSH before 10.3. The vulnerability allows potential command execution via shell metacharacters in a username supplied on the command line, requiring an untrusted username and a non-default ssh_config with a % in use. Connected advisories (OpenSSH

Incorrect Behavior Order

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order via injection of shell metacharacters into the username parameter. An attacker can execute arbitrary commands by supplying specially crafted input. This is only exploitable if the username is untrusted and the '...

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...