CVE-2024-45731

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

CVE-2024-45731 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

PT-2024-28722 · Vnote · Vnote

Name of the Vulnerable Software and Affected Versions: VNote versions prior to 3.18.1 Description: A code execution issue existed in VNote, allowing an attacker to execute arbitrary programs on the victim's system. This could be achieved by using a crafted URI in a note, such as...

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Cybersecurity researchers have found a way to exploit a recently disclosed critical flaw in PaperCut servers in a manner that bypasses all current detections. Tracked as CVE-2023-27350 CVSS score: 9.8, the issue affects PaperCut MF and NG installations that could be exploited by an unauthenticate...

CVE-2022-48483

3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an...

3CX 路径遍历漏洞

3CX is an IP PBX an IP-based corporate phone system based on open standards for software that provides complete unified communications. A security vulnerability exists in 3CX that stems from a directory traversal vulnerability in the /Electron/download interface, which allows reading the...

GLPI Manageentities Local File Inclusion

ADVISORY INFORMATION Exploit Title: GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin Date of found: 11 Jun 2022 Application: GLPI Manageentities 4.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...

Ransom.Conti MVID-2022-0601 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/b485c36f28c5c967a50001c9e8d2c29c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

Ransom.REvil MVID-2022-0595 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7a96d7a1f28bfb6ae36a15263a8a7135.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

Ransom.Satana Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/46bfd4f1d581d7c0121d2b19a005d3df.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Satana Vulnerability: Code Execution Description: Satana searches for and loads a D...

Ransom.Cryakl Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/2aea3b217e6a3d08ef684594192cafc8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Cryakl Vulnerability: Code Execution Description: Cryakl looks for and loads a DLL...

Ransom.Conti Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/20f0c736a966142de88dee06a2e4a5b1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

Ransom.Petya Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8ed9a60127aee45336102bf12059a850.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Petya Vulnerability: Code Execution Description: Petya looks for and loads a DLL...

PT-2022-18743 · 3Cx · 3Cx Phone System Management Console

Name of the Vulnerable Software and Affected Versions: 3CX Phone System Management Console versions prior to 18 Update 3 FINAL Description: An issue was discovered in the 3CX Phone System Management Console, where an unauthenticated attacker could abuse improperly secured access to arbitrary file...

BlackBasta Ransom Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/998022b70d83c6de68e5bdf94e0f8d71.txt Contact: [email protected] Media: twitter.com/malvuln Threat: BlackBasta Ransom Vulnerability: Code Execution Description: BlackBasta looks for and loads a DLL...

RedLine.Stealer Code Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/0adb0e2ac8aa969fb088ee95c4a91536.txt Contact: [email protected] Media: twitter.com/malvuln Threat: RedLine.Stealer Vulnerability: Code Execution Description: RedLine looks for and loads a DLL named...

TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated) Vulnerability

Exploit Title: TermTalk Server 3.24.0.2 - Arbitrary File Read Unauthenticated Date: 03/01/2022 Exploit Author: Fabiano Golluscio @ Swascan Vendor Homepage: https://www.solari.it/it/ Software Link: https://www.solari.it/it/solutions/other-solutions/access-control/ Version: 3.24.0.2 Fixed Version:...

CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse...

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: ========== www.hp.com Product: =========================================== Hewlett Packard TouchSmart Calendar Service File version : 4.1.4245 HP TouchSmart Calendar is a shared calendar where you c...

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...