13 matches found
Linux WSL via Startup Folder Persistence
This module establishes persistence by creating a payload in the windows startup folder from within the Windows Subsystem for Linux WSL environment. This allows for code execution on Windows user login. Verified on Windows 10 with Ubuntu 24.04 WSL distribution. Module Options msf use...
Metasploit Wrap-Up 10/31/2025
New module content 3 ReDoc API Docs UI Exposed Author: Hamza Sahin Type: Auxiliary Pull request: 20594 contributed by HamzaSahin61 Path: scanner/http/redocexposed Description: Adds a module to detect publicly exposed ReDoc API documentation pages using read-only HTTP GET requests searching for...
Windows Persistent Startup Folder
This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems...
EUVD-2021-24009
Malware in sbrugna...
EUVD-2006-1165
Malware in sbrugna...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 WinRAR Exploit 🔓 A proof-of-concept exploit for...
Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks
The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East. "The new malware is a .NET based DNS Backdoor which is a customized version of the open source tool 'DIG.net,'"...
NCH IVM Attendant Remote Code Execution Vulnerability
NCH IVM Attendant is a complete voicemail, call attendant, and IVR solution for Windows.A security vulnerability exists in NCH IVM Attendant, which stems from the fact that if the pathname of a ZIP element is set to the Windows startup folder, a file with a built-in Out-Going Message function, or...
Directory traversal
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt...
CVE-2021-37444
NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the the inbuilt...
NCH IVM Attendant 代码问题漏洞
NCH IVM Attendant is a complete voicemail, call attendant, and IVR solution for Windows.A security vulnerability exists in NCH IVM Attendant, which stems from the fact that if the pathname of a ZIP element is set to the Windows startup folder, a file with a built-in Out-Going Message function, or...
Path traversal
Absolute path traversal vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...
CVE-2006-1161
CVE-2006-1161 affects Easy File Sharing Web Server (EFS) Web Server 3.2. It describes an absolute path traversal that allows remote registered users to upload a malicious file to the Windows startup folder and thereby execute arbitrary code. The provided documents consistently identify the vulner...