📄 Wifi Mouse 1.9.0.8 Unauthenticated Remote System Control

Wifi Mouse version 1.9.0.8 exposes a TCP control interface on port 1978 that allows remote execution of power commands shutdown, restart, sleep, logoff via unauthenticated commands. An attacker on the same network can exploit this to disrupt the system remotely without user interaction. Exploit...

WiFi Mouse 1.8.3.2 Remote Code Execution

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

WiFi Mouse 1.8.3.2 - Remote Code Execution Exploit

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which does not to prevent...

WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)

Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...

Necta LLC WiFi Mouse Command Injection (CVE-2022-3218)

A command injection vulnerability exists in Necta LLC WiFi Mouse. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Metasploit Weekly Wrap-Up

Veritas Backup Exec Agent RCE This module kindly provided by c0rs targets the Veritas Backup Exec Agent in order to gain RCE as the system/root user. The exploit itself is actually a chain of 3 separate CVEs CVE-2021-27876, CVE-2021-27877 and CVE-2021-27878 which only makes it more impressive...

WiFi Mouse 1.8.3.4 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wifi Mouse RCE', 'Description' = %q The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely...

WiFi Mouse 1.8.3.4 Remote Code Execution Exploit

The WiFi Mouse Mouse Server from Necta LLC contains an authentication bypass as the authentication is completely implemented entirely on the client side. By utilizing this vulnerability, is possible to open a program on the server cmd.exe in our case and type commands that will be executed as the...

Wifi Mouse RCE

The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely implemented entirely on the client side. By utilizing this vulnerability, is possible to open a program on the server cmd.exe in our case and type commands that will be executed as the user...

CVE-2022-3218

Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...

CVE-2022-3218 Necta WiFi Mouse (Mouse Server) client-side authentication bypass

Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...

CVE-2022-3218

CVE-2022-3218 concerns the WiFi Mouse (Mouse Server) from Necta LLC, where authentication is implemented entirely on the client side, enabling a bypass that can lead to remote code execution. Multiple connected sources provide concrete details: (1) NVD/NVDC notes a client-side auth bypass allowin...

Unpatched Bug in WiFi Mouse App Opens PCs to Attack

The mobile application called WiFi Mouse, which allows users to control mouse movements on a PC or Mac with a smartphone or tablet, has an unpatched bug allowing adversaries to hijack desktop computers, according to researcher Christopher Le Roux who found the flaw. Impacted is the Android app’s...

WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option which does not to...

WiFi Mouse 1.7.8.5 Remote Code Execution

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option whic...

CVE-2022-3218

Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...

WiFi Mouse | keyboard - Base64 encoded String, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application WiFi Mouse | keyboard published at the 'play' market has multiple vulnerabilities...