Lucene search
K
GiteeMost viewed

1886 matches found

Gitee
Gitee
added 2020/08/18 3:23 p.m.8 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796-SMB 该资源为CVE-2020-0796漏洞复现,包括Python版本和C++版本。主要是集合了github大神们的资源,希望您喜欢 C++ Python EXP POC 漏洞利用: - 本地EXP提权:https://github.com/danigargu/CVE-2020-0796 - 本地EXE提权: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC版本提权: https://github.com/eerykitty/CVE-2020-0796-PoC -...

10CVSS9.3AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2020/07/28 9:36 a.m.8 views

Exploit for CVE-2020-2551

CVE-2020-2551 Weblogic IIOP 反序列化 测试环境 Weblogic10.3.6+jdk1.6 打包好的jar包 提取码:a6ob 漏洞利用 下载jar包,然后使用marshalsec起一个恶意的RMI服务,本地编译一个exp.java java package payload; import java.io.IOException; public class exp public exp String cmd = "curl http://172.16.1.1/success"; try...

9.8CVSS7AI score0.93168EPSS
Exploits18
Gitee
Gitee
added 2020/07/27 10:27 a.m.8 views

Exploit for Path Traversal in Atlassian Confluence_Server

PoC exploit for CVE-2019-3396, a Confluence Server-Side Template Injection SSTI Remote Code Execution RCE vulnerability. The exploit targets Confluence versions vulnerable to this CVE. The vulnerability is exploited by sending a specially crafted request to the Confluence REST API, which allows a...

10CVSS8.6AI score0.99913EPSS
Exploits20
Gitee
Gitee
added 2020/07/17 1:25 a.m.8 views

Exploit for CVE-2017-0144

This is a PoC exploit for CVE-2017-0144, a remote code execution vulnerability in Windows. The exploit targets Windows 2000 and later versions. It does not require Python installation, as it is built with Pyinstaller. The exploit implements a few options, such as username/password specification a...

9.3CVSS8.6AI score0.9923EPSS
Exploits55
Gitee
Gitee
added 2020/07/10 9:51 a.m.8 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the project is based on various vulnerabilities, including CVE-2016-9086, CVE-2013-4547, CVE-2017-1000353, and CVE-2018-1000006. The target product/service or framework...

9.8CVSS7.6AI score0.99686EPSS
Exploits53
Gitee
Gitee
added 2020/05/06 11:50 a.m.8 views

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

9.3CVSS7.8AI score0.90026EPSS
Exploits32
Gitee
Gitee
added 2020/03/31 3:16 p.m.8 views

Exploit for CVE-2020-1938

说明 工具仅用于安全研究以及内部自查, 禁止使用工具发起非法攻击, 造成的后果由使用者负责 Apache Tomcat文件包含漏洞(CVE-2020-1938 / CNVD-2020-1048 )批量检测工具. 此项目在Kit4y的项目的基础上进行修改. 代码修改 当ip.txt中只有1个域名或ip时, 会使得threadCount为1, 程序实际上没有运行, 增加判断线程数的代码 ... if threadCount == 1: threadCount = 2 for i in range0,threadCount-1: ... 修改少量代码, 以兼容Python3. 修改前的代码...

9.8CVSS7.1AI score0.9927EPSS
Exploits45
Gitee
Gitee
added 2020/03/28 12:36 a.m.8 views

exploit-database

This is an official Exploit Database repository, a collection of public exploits and vulnerable software. The repository is updated daily with the most recently added submissions. It includes a search utility called "searchsploit" that allows users to search through the exploits using one or more...

6.5AI score
Exploits0
Gitee
Gitee
added 2020/03/18 7:1 p.m.8 views

Exploit for CVE-2016-0728

This repository is an offensive tool for Linux kernel exploitation, specifically targeting the CVE-2016-0728 vulnerability. The vulnerability is a REFCOUNT overflow/Use-After-Free in keyrings, which allows for local root exploitation. The repository contains two exploit modules, expboost.c and...

7.8CVSS6.7AI score0.03646EPSS
Exploits14
Gitee
Gitee
added 2020/03/17 6:15 p.m.8 views

Exploit for Use After Free in Microsoft

CVE-2019-0708 is a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. This repository contains a proof-of-concept PoC exploit for this vulnerability, as well as a scanner for detecting vulnerable hosts. The PoC exploit is written in Python and uses the SMBLoris...

10CVSS8.1AI score0.99999EPSS
Exploits123
Gitee
Gitee
added 2020/03/11 1:42 a.m.8 views

Exploit for Improper Input Validation in Joomla Joomla\!

CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...

9.8CVSS7AI score0.99993EPSS
Exploits140
Gitee
Gitee
added 2020/03/09 9:30 a.m.8 views

Exploit for Classic Buffer Overflow in Point-To-Point_Protocol_Project Point-To-Point_Protocol

PoC exploit for CVE-2020-8597, a buffer overflow vulnerability in the eap.c file of the pppd daemon in ppp versions 2.4.2 through 2.4.8. The vulnerability allows for a buffer overflow in the eaprequest and eapresponse functions, which can be exploited by sending a long "EAP: unauthenticated peer...

9.8CVSS7.5AI score0.19431EPSS
Exploits3
Gitee
Gitee
added 2020/03/08 10:44 a.m.8 views

Exploit for Improper Input Validation in Jenkins

hackUtils It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/. Usage: hackUtils.py options Options: -h, --help Show basic help message and exit -b keyword, --baidu=keyword Fetch URLs from Baidu...

9CVSS7.6AI score0.82697EPSS
Exploits23
Gitee
Gitee
added 2020/03/07 8:41 a.m.8 views

Exploit for Classic Buffer Overflow in Microsoft

This is a PoC exploit for CVE-2017-7269, a vulnerability in Microsoft IIS 6.0. The target product/service is Microsoft IIS 6.0, and the vulnerability class/vector is a remote code execution RCE vulnerability. The probable entry point is the exploit.py script, which is invoked using the python...

10CVSS8.5AI score0.99823EPSS
Exploits39
Gitee
Gitee
added 2020/02/11 11:48 p.m.8 views

Exploit for Improper Resource Shutdown or Release in Microsoft

CVE-2018-8120 CVE-2018-8120 Windows LPE exploit Supports both x32 and x64. Tested on: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64. Usage shell CVE-2018-8120 exploit by @unamerhttps://github.com/unamer Usage: exp.exe command Example: exp.exe...

7.2CVSS7.1AI score0.73721EPSS
Exploits18
Gitee
Gitee
added 2020/01/19 5:1 p.m.8 views

Exploit for CVE-2019-1003000

PoC exploit for CVE-2019-1003000, CVE-2019-1003001, and CVE-2019-1003002, which are related to Script Security, Pipeline: Groovy, and Pipeline: Declarative plugins in Jenkins. The exploit allows users with Overall/Read permission and Job/Configure and optional Job/Build to bypass the sandbox...

8.8CVSS7.6AI score0.98428EPSS
Exploits17
Gitee
Gitee
added 2020/01/08 9:31 a.m.8 views

Exploit for Deserialization of Untrusted Data in Apache Log4J

CVE-2019-17571 is a vulnerability in the Apache Commons FileUpload library. It allows an attacker to upload a malicious file with a .class extension, which can be used to execute arbitrary code on the server. The vulnerability is caused by the library not properly validating the file extension...

9.8CVSS6.5AI score0.6906EPSS
Exploits3
Gitee
Gitee
added 2019/12/15 8:52 p.m.8 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

CVE-2018-2628 Weblogic GetShell.py is a Python script that exploits the Oracle Weblogic Server deserialization vulnerability. The script generates a payload using ysoserial and sends it to the target server. The payload is a serialized Java object that, when deserialized, executes arbitrary code...

9.8CVSS7.9AI score0.99448EPSS
Exploits69
Gitee
Gitee
added 2019/10/22 11:22 p.m.8 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

Awesome Web Security 🐶 Curated list of Web Security materials and resources. Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities. Why would this happen so often? There can be many factors involved including misconfiguration, shortage of...

9.8CVSS8.4AI score0.99964EPSS
Exploits47
Gitee
Gitee
added 2019/10/09 5:20 p.m.8 views

Exploit for Improper Input Validation in Joomla Joomla\!

CMS-Hunter 简介 Content Management System Vulnerability Hunter 说明:目前来看,本项目会进行长期维护,有修改的建议或者想法欢迎联系作者。 CMS 漏洞列表 Discuz - Discuz<3.4birthprovince前台任意文件删除 DedeCMS - DedeCMSv5.7shopsdelivery存储型XSS - DedeCMSv5.7carbuyaction存储型XSS - DedeCMSv5.7友情链接CSRFGetShell - DedeCMS V5.7 SP2后台存在代码执行漏洞 Drupal -...

9.8CVSS7AI score0.99993EPSS
Exploits140
Gitee
Gitee
added 2019/09/20 8:40 p.m.8 views

Exploit for CVE-2013-0422

K8tools 20190727 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt...

10CVSS6.5AI score0.99913EPSS
Exploits116
Gitee
Gitee
added 2019/08/19 4:53 p.m.8 views

Exploit for Deserialization of Untrusted Data in Oracle Weblogic_Server

CVE-2018-2628 Weblogic GetShell.py is a Python script that exploits the Oracle Weblogic Server 10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3 deserialization remote command execution vulnerability. The script generates a payload using the ysoserial tool and sends it to the target server using a socket...

9.8CVSS7.4AI score0.99448EPSS
Exploits69
Gitee
Gitee
added 2019/05/06 9:43 a.m.8 views

Exploit for CVE-2013-0422

K8tools 20190428 声明: 工具仅供安全研究或授权渗透,非法用途后果自负。 博客: https://www.cnblogs.com/k8gege 下载: https://github.com/k8gege/K8tools PS: 不定期更新,文件比较大,可按需下载。工具有BUG或建议可直接Github上留言 提权工具均可在远控Cmd或WebShell运行,大部份经过修改编译兼容性稳定性更好 注意:不保证永久有效,喜欢自行保存。 综合工具 + 综合工具 K8飞刀Final.rar + K8data.mdb K8飞刀漏洞数据库20190402 + K8expList.txt...

10CVSS9.1AI score0.99448EPSS
Exploits97
Gitee
Gitee
added 2019/01/17 3:59 p.m.8 views

exploitdb-bin-sploitsss

This is an official repository of The Exploit Database, a project sponsored by Offensive Security. The repository contains a collection of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. It is intended to serve as the...

7.8AI score
Exploits0
Gitee
Gitee
added 2018/11/29 5:24 p.m.8 views

Exploit for CVE-2013-6026

PoC exploit for CVE-2013-6026, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link. The target product/service is D-Link routers, and the vulnerability class/vector is auth bypass. The probable entry point is the Shodan search engine,...

10CVSS7AI score0.0768EPSS
Exploits4
Gitee
Gitee
added 2018/08/10 5:44 p.m.8 views

vulhub

This is a Docker Compose file for a vulnerability environment. It is a collection of services and their configurations that can be used to test and demonstrate various vulnerabilities. The file is written in YAML format and defines the services, their ports, and their dependencies. The services...

7.2AI score
Exploits0
Gitee
Gitee
added 2018/07/06 9:17 p.m.8 views

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

9.3CVSS8.3AI score0.90026EPSS
Exploits47
Gitee
Gitee
added 2017/06/01 5:41 p.m.8 views

Exploit for Race Condition in Sudo_Project Sudo

PoC exploit for CVE-2017-1000367, a vulnerability in the Linux sudo command. The target is the Linux operating system, specifically the sudo command. The vulnerability class is a privilege escalation vulnerability, allowing an attacker to gain root privileges. The probable entry point is the...

6.9CVSS8.5AI score0.08018EPSS
Exploits8
Gitee
Gitee
added 2017/05/29 10:42 a.m.8 views

lua-resty-waf

It is an offensive tool for web application firewalls WAFs. The repository, huangjacky/lua-resty-waf, contains a high-performance WAF built on the OpenResty stack. The tool is designed to protect against various types of attacks, including HTTP violations, HTTP anomalies, SQL injection, and gener...

7.5AI score
Exploits0
Gitee
Gitee
added 2023/12/11 10:38 a.m.7 views

Tater

It is an offensive tool for Windows Privilege Escalation. The primary CVE ID is not explicitly mentioned, but the tool is based on the Hot Potato Windows Privilege Escalation exploit, which is a known vulnerability. The target product/service is Windows, and the vulnerability class/vector is...

6.6AI score
Exploits0
Gitee
Gitee
added 2023/12/07 11:40 a.m.7 views

pocsuite3

This is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many nice features for the ultimate penetration testers and security researchers. The framework supports various...

6.8AI score
Exploits0
Gitee
Gitee
added 2023/10/29 4:15 p.m.7 views

Exploit for Code Injection in Apache Cassandra

0day 由于众所周知的原因,原始仓库被删除,但保留了副本,forks和stars 清零 不过请放心,还是原来的配方,原来的味道。 为了避免再次出现这种情况找不到此项目,可以Follow 一下 本仓库所有内容仅限用于学习交流 English | 中文 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新 优秀项目列表 1. Fastjson RCE https://github.com/dbgee/fastjson-rce 2. Log4j RCE https://github.com/dbgee/log4j2rce 3. redis RCE...

9.1CVSS9.6AI score0.54889EPSS
Exploits7
Gitee
Gitee
added 2023/09/08 9:54 a.m.7 views

Exploit for Classic Buffer Overflow in Cisco Pix_Firewall_Software

This is a PoC exploit for CVE-2016-6366, a remote code execution vulnerability in Cisco ASA. The repository contains improvements to the EXTRABACON exploit, which was written by the Equation Group NSA and leaked by the Shadow Brokers. The exploit targets various versions of Cisco ASA, including 8...

8.8CVSS8.1AI score0.87503EPSS
Exploits7
Gitee
Gitee
added 2023/06/15 2:30 p.m.7 views

Exploit for Code Injection in Apache Cassandra

0day 由于众所周知的原因,原始仓库被删除,但保留了副本,forks和stars 清零 不过请放心,还是原来的配方,原来的味道。 为了避免再次出现这种情况找不到此项目,可以Follow 一下 本仓库所有内容仅限用于学习交流 English | 中文 各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新 优秀项目列表 1. Fastjson RCE https://github.com/dbgee/fastjson-rce 2. Log4j RCE https://github.com/dbgee/log4j2rce 3. redis RCE...

9.1CVSS9.6AI score0.54889EPSS
Exploits7
Gitee
Gitee
added 2023/02/16 12:17 a.m.7 views

Exploit for CVE-2020-13933

CVE-2020-13933 靶场 shiro 权限配置, 当请求 /res/ 资源时, 302 跳转到登陆页面进行身份认证 - NameController.java: · /res/name: 请求名为 name 的的资源(触发身份认证) · /res/: 不请求任何资源(不触发身份认证) 靶场验证 不在请求路由中指定资源名称时,不触发身份验证,也无资源返回: http://127.0.0.1:8080/res/ 在请求路由中指定资源名称时,302 跳转到身份验证页面: http://127.0.0.1:8080/res/poc 构造特定 PoC...

7.5CVSS9.4AI score0.48019EPSS
Exploits3
Gitee
Gitee
added 2022/12/27 10:38 a.m.7 views

vulhub

This is an offensive tool for web application security training and education. It is a collection of vulnerable web applications and tools for testing and training purposes. The repository is a clone of vulhub/vulhub, which is a collection of vulnerable web applications and tools for testing and...

7AI score
Exploits0
Gitee
Gitee
added 2022/12/10 7:28 p.m.7 views

Exploit for Use of Hard-coded Cryptographic Key in Apache Aurora

This repository is an open-source project called "Attack-Defense ThinkTank" openKylin, which is a community-driven platform for sharing knowledge and research on attack and defense techniques. The project is hosted on Gitee, a Chinese version of GitHub. The repository contains various articles an...

9.8CVSS6.6AI score0.93143EPSS
Exploits9
Gitee
Gitee
added 2022/11/24 7:58 p.m.7 views

Exploit for SQL Injection in Zabbix

This repository is an open-source collection of vulnerable web applications and tools for security testing and education, maintained by phith0n. It is an offensive tool for web application security testing. The primary vulnerability targeted by this repository is not explicitly stated, but it...

9.8CVSS8.2AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2022/04/29 10:14 a.m.7 views

Exploit for Absolute Path Traversal in Rarlab Winrar

This is a PoC exploit for CVE-2018-20250. The exploit targets a vulnerability in the Microsoft Visual C++ compiler, which allows for arbitrary code execution. The vulnerability is related to the way the compiler handles certain types of data. The exploit consists of a Visual Studio solution file...

7.8CVSS8.2AI score0.96274EPSS
Exploits13
Gitee
Gitee
added 2022/03/20 4:48 p.m.7 views

Exploit for SQL Injection in Zabbix

This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains various vulnerable applications and services, including CouchDB, FFmpeg, Git, and Jenkins, among others. The vulnerabilities are identified by CVE IDs, such as CVE-2016-10134,...

9.8CVSS7.2AI score0.83284EPSS
Exploits28
Gitee
Gitee
added 2021/12/31 8:40 p.m.7 views

EvilOSX

This is a Python-based Remote Administration Tool RAT for macOS/OS X, known as EvilOSX. It is a modular system that allows users to extend its functionality by creating custom modules. The tool is designed to be undetectable by anti-virus software, using OpenSSL AES-256 encryption for its payload...

7.4AI score
Exploits0
Gitee
Gitee
added 2021/12/31 2:44 p.m.7 views

vulhub

This is an open-source collection of vulnerable web applications and environments for security research and training. It is a repository of vulnerable systems, including web applications, databases, and other software, designed to help security professionals and researchers practice and improve...

7.9AI score
Exploits0
Gitee
Gitee
added 2021/12/15 4:46 p.m.7 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This repository is an open-source collection of vulnerable systems and applications for educational purposes, known as Vulhub. It is a defensive blue-team research and threat mitigation tool, used to improve detection, response, and patch prioritization. The repository contains a variety of...

9.8CVSS7.1AI score0.99686EPSS
Exploits74
Gitee
Gitee
added 2021/12/11 1:1 a.m.7 views

exp-hub

exp-hub 漏洞复现模板如下: 0x00 软件介绍 git:分布式版本控制系统 0x01 复现环境 使用环境:攻防世界中的环境 复现版本:无 0x02 环境搭建 靶机环境:2008r2standardzh-chs 0x03 利用条件 无 0x04 影响版本 无 0x05 漏洞复现 攻击环境:kalix64en-us python ./GitHack.py http://124.126.19.106:31232/.git/ 如下图 0x06 批量脚本 无 0x07 踩坑记录 坑0:Exploit aborted due to failure: bad-config: Set the...

7AI score
Exploits0
Gitee
Gitee
added 2021/12/09 8:36 p.m.7 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-21972 CVE-2021-21972 Works On - VMware-VCSA-all-6.7.0-8217866、VMware-VIM-all-6.7.0-8217866 ✔ - VMware-VCSA-all-6.5.0-16613358 ✔ For vCenter6.7 U2+ vCenter 6.7U2+ running website in memory,so this exp can't work for 6.7 u2+. Need test - vCenter 6.5 LinuxVCSA/Window Waiting For Test -...

10CVSS10AI score0.9957EPSS
Exploits47
Gitee
Gitee
added 2021/12/03 11:31 a.m.7 views

Exploit for Code Injection in Gitlab

The provided code is a Python script that exploits a vulnerability in GitLab CE/EE versions 11.9 and earlier. The vulnerability is related to the way GitLab handles image files, allowing an attacker to execute arbitrary code on the server. Here's a breakdown of the code: 1. The script starts by...

10CVSS9.3AI score0.99731EPSS
Exploits30
Gitee
Gitee
added 2021/12/01 12:30 p.m.7 views

Exploit for Incorrect Default Permissions in Microsoft

Awesome Red Teaming List of Awesome Red Team / Red Teaming Resources This list is for anyone wishing to learn about Red Teaming but do not have a starting point. Anyway, this is a living resources and will update regularly with latest Adversarial Tactics and Techniques based on Mitre ATT&CK You c...

8.8CVSS9.9AI score0.15257EPSS
Exploits4
Gitee
Gitee
added 2021/11/19 9:3 a.m.7 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

PoC exploit for CVE-2021-22555, a heap out-of-bounds write affecting Linux since v2.6.19-rc1. The exploit allows an attacker to gain privileges or cause a DoS through user namespace memory corruption. The target is Linux, and the vulnerability class is heap out-of-bounds write. The probable entry...

8.3CVSS7.2AI score0.78684EPSS
Exploits21
Gitee
Gitee
added 2021/11/16 4:4 p.m.7 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

This repository is a proof-of-concept PoC exploit for CVE-2020-0796, also known as SMBGhost, a pre-authentication remote code execution vulnerability in Windows SMBv3. The exploit is written in Python and uses the SMB protocol to exploit the vulnerability. The PoC is intended for demonstration...

10CVSS9AI score0.9981EPSS
Exploits125
Gitee
Gitee
added 2021/11/11 11:40 a.m.7 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

PoC exploit for CVE-2020-0796 - SMBv3 RCE. The target product/service is SMB. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the scanner.py script. Notable dependencies/tooling include the netaddr library. The execution context is a Python script invoked...

10CVSS8.5AI score0.9981EPSS
Exploits125
Total number of security vulnerabilities1886