24 matches found
Exploit for Use of Client-Side Authentication in Necta Wifi_Mouse_Server
Paso 1 — Crear un payload REAL Windows msfvenom -p windows/x6...
📄 Wifi Mouse 1.9.0.8 Unauthenticated Remote System Control
Wifi Mouse version 1.9.0.8 exposes a TCP control interface on port 1978 that allows remote execution of power commands shutdown, restart, sleep, logoff via unauthenticated commands. An attacker on the same network can exploit this to disrupt the system remotely without user interaction. Exploit...
📄 Wifi Mouse 1.9.0.8 Remote Code Execution
WiFi Mouse Server version 1.9.0.8 allows unauthenticated remote code execution by simulating keyboard input over TCP port 1978. This exploit connects to the server and simulates a keystroke to delivery a reverse shell. Exploit Title: Wifi Mouse version 1.9.0.8 - Remote Code Execution Date:...
WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)
Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...
WiFi Mouse 1.8.3.2 - Remote Code Execution Exploit
Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which does not to prevent...
WiFi Mouse 1.8.3.2 Remote Code Execution
Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...
Necta LLC WiFi Mouse Command Injection (CVE-2022-3218)
A command injection vulnerability exists in Necta LLC WiFi Mouse. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Metasploit Weekly Wrap-Up
Veritas Backup Exec Agent RCE This module kindly provided by c0rs targets the Veritas Backup Exec Agent in order to gain RCE as the system/root user. The exploit itself is actually a chain of 3 separate CVEs CVE-2021-27876, CVE-2021-27877 and CVE-2021-27878 which only makes it more impressive...
WiFi Mouse 1.8.3.4 Remote Code Execution Exploit
The WiFi Mouse Mouse Server from Necta LLC contains an authentication bypass as the authentication is completely implemented entirely on the client side. By utilizing this vulnerability, is possible to open a program on the server cmd.exe in our case and type commands that will be executed as the...
WiFi Mouse 1.8.3.4 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wifi Mouse RCE', 'Description' = %q The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely...
Wifi Mouse RCE
The WiFi Mouse Mouse Server from Necta LLC contains an auth bypass as the authentication is completely implemented entirely on the client side. By utilizing this vulnerability, is possible to open a program on the server cmd.exe in our case and type commands that will be executed as the user...
CVE-2022-3218
Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...
CVE-2022-3218
Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...
Remote code execution
Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...
CVE-2022-3218 Necta WiFi Mouse (Mouse Server) client-side authentication bypass
Due to a reliance on client-side authentication, the WiFi Mouse Mouse Server from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution...
CVE-2022-3218
CVE-2022-3218 concerns the WiFi Mouse (Mouse Server) from Necta LLC, where authentication is implemented entirely on the client side, enabling a bypass that can lead to remote code execution. Multiple connected sources provide concrete details: (1) NVD/NVDC notes a client-side auth bypass allowin...
Necta WiFi Mouse 授权问题漏洞
Necta WiFi Mouse is a wireless mouse from Necta. A security vulnerability exists in Necta WiFi Mouse version 1.7.8.5, which stems from the fact that due to the reliance on client-side authentication, the authentication mechanism can be easily bypassed, which could lead to remote code execution...
PT-2022-21141 · Necta Llc · Wifi Mouse
Name of the Vulnerable Software and Affected Versions: WiFi Mouse Mouse Server from Necta LLC affected versions not specified Description: The issue arises due to the WiFi Mouse Mouse Server's reliance on client-side authentication, which allows its authentication mechanism to be easily bypassed...
WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit (2)
Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Python 3 port done by RedHatAugust Original exploit:...
Unpatched Bug in WiFi Mouse App Opens PCs to Attack
The mobile application called WiFi Mouse, which allows users to control mouse movements on a PC or Mac with a smartphone or tablet, has an unpatched bug allowing adversaries to hijack desktop computers, according to researcher Christopher Le Roux who found the flaw. Impacted is the Android app’s...