Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

Starting February 27, 2021, Rapid7 has observed a notable increase in the exploitation of Microsoft Exchange through existing detections in InsightIDR’s Attacker Behavior Analytics ABA. The Managed Detection and Response MDR identified multiple, related compromises in the past 72 hours. In most...

File Upload Vulnerability in Merchant Backend Management System of Lianyungang Bubble Network Technology Co.

Lianyungang Bubble Network Technology Co., Ltd. focuses on WeChat small program micro-mall community group purchasing, fresh food e-commerce system development, is committed to the retail industry, to provide omni-channel e-commerce solutions. Lianyungang roll bubble network technology limited...

Indiscriminate Exploitation of Microsoft Exchange Servers (CVE-2021-24085)

The following blog post was co-authored by Andrew Christian and Brendan Watters. Beginning Feb. 27, 2021, Rapid7’s Managed Detection and Response MDR team has observed a notable increase in the automated exploitation of vulnerable Microsoft Exchange servers to upload a webshell granting attackers...

VMware vCenter Server 7.0 Arbitrary File Upload

Exploit Title: VMware vCenter Server 7.0 - Unauthenticated File Upload Date: 2021-02-27 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2021-0002.html Version: vCenter Server 6.5 7515524. File name CVE-2021-21972.py written by tijldotdeneutathowestdotb...

VMware vCenter Server 7.0 - Unauthenticated File Upload

Exploit Title: VMware vCenter Server 7.0 - Unauthenticated File Upload Date: 2021-02-27 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2021-0002.html Version: vCenter Server 6.5 7515524. File name CVE-2021-21972.py written by tijldotdeneutathowestdotb...

File Upload Vulnerability in KUKA.OfficeLite

KUKA.OfficeLite is KUKA's virtual robot controller. A file upload vulnerability exists in KUKA.OfficeLite. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File Upload Vulnerability in Xunrui CMS

CMS is a content management framework based on CodeIgniter4. A file upload vulnerability exists in XunRui CMS. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities

Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached "several French entities" — is said to have started in late 2017 and...

SEO Panel 4.6.0 - Remote Code Execution (2)

Exploit Title: SEO Panel 4.6.0 - Remote Code Execution 2 Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/ Software Link: https://www.seopanel.org/spdownload/4.6.0 Version: 4.6.0 Tested on: Ubuntu 20.04 !/usr/bin/env python3 ''' DESCRIPTION...

Document Uploading Vulnerability in Bidding and Procurement Management System of Guangdong Guangling Information Technology Co.

Founded in April 1998 and headquartered in Jinshan Park of Tianhe Software Park, a national software industry base, Guangdong Guangling Information Technology Co., Ltd. has been focusing on the fields of Big Data, Cloud Computing and Artificial Intelligence. A file upload vulnerability exists in...

Shaanxi Jinhua Network Technology Co., Ltd. digital newspaper management platform has file upload vulnerability

Ltd. abbreviation: Jinhua Technology is a new media technology company, mastering PDF intelligent anti-decomposition technology, focusing on the development of new media software for the digital newspaper industry, and now has a complete series of software products for the digital newspaper...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2020-17144-EXP 条件: Exchange2010; 普通用户 默认用法写webshell: CVE-2020-17144-EXP.exe mail.example.com user pass 执行命令 & 端口复用: 修改ExploitClass.cs 参考 @zcgonvh...

File Upload Vulnerability in MessageSolution Enterprise Email Archive Management System EEA

MessageSolution is a developer of enterprise email archiving software. A file upload vulnerability exists in the MessageSolution enterprise email archiving management system EEA. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

File Upload Vulnerability in Management Easy Series Software of Guangzhou eCapital Software Technology Co.

Ltd. was founded in 2008, has been focusing on advertising industry management software research and development, is an advertising industry management software vendors, is committed to providing management software services for a large number of advertising production companies, advertising medi...

CVE-2021-21245

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data request.getInputStream to a user specified location request.getHeader"File-Name". This issue may lead to arbitrary file upload which can be used to upload a WebShell to...

CVE-2021-21245

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data request.getInputStream to a user specified location request.getHeader"File-Name". This issue may lead to arbitrary file upload which can be used to upload a WebShell to...

Design/Logic Flaw

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data request.getInputStream to a user specified location request.getHeader"File-Name". This issue may lead to arbitrary file upload which can be used to upload a WebShell to...

CVE-2021-21245

CVE-2021-21245 affects OneDev prior to 4.0.3, where AttachmentUploadServlet saves user-controlled data from the request into a user-specified path via File-Name header. This can enable arbitrary file upload and potential WebShell deployment on the OneDev server. The issue is addressed in 4.0.3 by...

CVE-2021-21245 Pre-Auth Arbitrary File Upload

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data request.getInputStream to a user specified location request.getHeader"File-Name". This issue may lead to arbitrary file upload which can be used to upload a WebShell to...

File Upload Vulnerability in Niushop Multi-Merchant System (CNVD-2021-07501)

Shanghai Niuzhiyun Network Technology Co., Ltd. is engaged in mobile Internet, e-commerce software-led technology research and development-oriented enterprises. A file upload vulnerability exists in the Niushop multi merchant system. Attackers can utilize the vulnerability to upload webshell and...