Portmapper Amplification Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Portmapper Amplification Scanner', 'Description' = %q This module can be used to discover Portmapper services which can be used in an amplificati...
NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load And Administrator Password Reset
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset', 'Description' = %q The NVRmini 2...
D-Link I2eye Video Conference AutoAnswer (WDBRPC)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link i2eye Video Conference AutoAnswer WDBRPC', 'Description' = %q This module can be used to enable auto-answer mode for the D-Link i2eye vide...
NETGEAR ProSafe Network Management System 300 Authenticated File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR ProSafe Network Management System 300 Authenticated File Download', 'Description' = %q Netgear's ProSafe NMS300 is a network management...
NTP Monitor List Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Monitor List Scanner', 'Description' = %q This module identifies NTP servers which permit "monlist" queries and obtains the recent clients...
Moxa EDS-G516E and EDS-510E Series Ethernet Switches Stack-Based Buffer Overflow (CVE-2020-7007)
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may execute arbitrary code or target the device, causing it to go out of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
Apache XML Security For Java vulnerable to authentication bypass by HMAC truncation
The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in multiple products. The Apache XML Security Java is affected by the vulnerability published in US-Cert VU 466161. See: http://www.kb.cert.org/vuls/id/466161 for more information. This bug can allow ...
Apache Log4j JNDI message lookup vulnerability
Added: 12/16/2021. Background: Apache Log4j is a logging library used by many Java applications. Problem: An attacker who is able to control log message content could embed a JNDI reference to an LDAP or RMI URL which downloads an executable Java class, leading to arbitrary command execution...
North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro
Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA Pro reverse engineering software. The findings were reported by ESET security researche...
ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability
THREAT LEVEL: Red. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...
2021. The age of the super vulnerability?
I don’t know about you, but to me it seems that every week we are seeing another vulnerability that not only grants significant access to the vulnerable system but also more widely internally. This last week we have seen the latest round of Microsoft Exchange vulnerabilities. The April 2021 updat...
U.S. Dept Of Defense: Reflected XSS in https://███████ via search parameter
Summary: Reflected XSS in https://█████████. Description: I noticed I got an error when visiting https://███.mil stating "The provided hostname is not valid for this server". I pinged the site to see that it resolves to https://██████ ██████. Based on the content of the site I believe this asset is a...
US-Cert warns of North Korean BLINDINGCAN malware
By Zara Khan. The malware variant ensued by the North Korean threat actors is called BLINDINGCAN. This is a post from HackRead.com.
US Government Exposes North Korean Malware
US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool (RAT) "used by advanced persistent threat (APT) cyber...
Feds Reveal Hidden Cobra's Trove of Espionage Tools
The U.S. Department of Homeland Security and Federal Bureau of Investigation have exposed what they say are hacking tools used by the North Korean-sponsored APT group Hidden Cobra. The disclosure was the result of a broad government effort to combat the advanced persistent threat group, who have...
Wago PFC200 - Authenticated Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Wago PFC200 - Authenticated Remote Code Execution Metasploit Exploit Author: Nico Jansen 0x483d Vendor Homepage: https://www.wago.com/ Version: 'Wago PFC200 authenticated remote code execution', 'Description' = %q The Wago...
Wago PFC200 - Authenticated Remote Code Execution (Metasploit)
Exploit Title: Wago PFC200 - Authenticated Remote Code Execution Metasploit Date: 2020-02-05 Exploit Author: Nico Jansen 0x483d Vendor Homepage: https://www.wago.com/ Version: 'Wago PFC200 authenticated remote code execution', 'Description' = %q The Wago PFC200 up to incl. Firmware 11 020835 is...
0day RCE in Firefox
This seems like a pretty interesting vulnerability (CVE-2019-17026) in Firefox and Thunderbird in Windows, MacOS and Linux. "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this...
DetExploit - Software That Detect Vulnerable Applications, Not-Installed OS Updates And Notify To User
DetExploit is software that detects vulnerable applications and not-installed important OS updates on the system, and notifies the user of them. As we know, most cyberattacks use vulnerabilities that were released a year before. I thought this is a huge problem, and this kind of technology should be mor...
Lenovo Warns of ThinkPad Bugs, One Unpatched
Dozens of Lenovo’s flagship ThinkPad models are vulnerable to bugs ranging in severity from low to high. Two of the flaws are tied to industry-wide security bulletins, while a medium-severity flaw affects only Lenovo laptops but remains unpatched. The most severe of the three bugs is a...