GO-2025-3768 Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor

Velociraptor vulnerable to privilege escalation via UpdateConfig artifact in www.velocidex.com/golang/velociraptor...

Velociraptor vulnerable to privilege escalation via UpdateConfig artifact

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

GHSA-GPFC-MPH4-QM24 Velociraptor vulnerable to privilege escalation via UpdateConfig artifact

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

CVE-2025-6264 Velociraptor priviledge escalation via UpdateConfig artifact

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

CVE-2025-6264 Velociraptor priviledge escalation via UpdateConfig artifact

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

CVE-2025-6264

Velociraptor CVE-2025-6264 describes privilege escalation via the Admin.Client.UpdateClientConfig artifact. The issue arises because this artifact does not enforce an additional required permission, allowing users with COLLECT_CLIENT (usually Investigator) to collect it and update configuration. ...

CompleteFTP Professional 12.1.3 - Remote Code Execution

Exploit Title: CompleteFTP Professional 12.1.3 - Remote Code Execution Date: 2020-03-11 Exploit Author: 1F98D Original Author: Rhino Security Labs Vendor Homepage: https://enterprisedt.com/products/completeftp/ Version: CompleteFTP Professional Tested on: Windows 10 x64 CVE: CVE‑2019‑16116...