Packetstorm - Page 58 of Packetstorm Vulnerabilities List

Packet Storm•added 2024/08/31 12:0 a.m.•149 views

Mac OS X Safari .webarchive File Format UXSS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Mac OS X Safari .webarchive File Format UXSS', 'Description' = %q Generates a .webarchive file for Mac OS X Safari that will attemp...

Packet Storm•added 2024/08/31 12:0 a.m.•231 views

ManageEngine Desktop Central Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Administrator Account Creation', 'Description' = %q This module exploits an administrator account creation...

9.8CVSS7.4AI score0.81398EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•216 views

Cisco IOS Telnet Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS Telnet Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco IOS telnet service...

10CVSS7.2AI score0.94282EPSS

Exploits12

Packet Storm•added 2024/08/31 12:0 a.m.•233 views

OpenSSL DTLS Fragment Buffer Overflow / Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL DTLS Fragment Buffer Overflow DoS', 'Description' = %q This module performs a Denial of Service Attack against Datagram TLS in OpenSSL...

6.8CVSS7.3AI score0.92751EPSS

Exploits4

Packet Storm•added 2024/08/31 12:0 a.m.•420 views

Fortra FileCatalyst Workflow SQL Injection

require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...

9.8CVSS7.1AI score0.87417EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•236 views

RPC Denial of Service targeting *nix rpcbind/libtirpc

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RPC DoS targeting nix rpcbind/libtirpc', 'Description' = %q This module exploits a vulnerability in certain versions of rpcbind, LIBTIRPC, and...

7.8CVSS7.2AI score0.81381EPSS

Exploits4

Packet Storm•added 2024/08/31 12:0 a.m.•443 views

OpenNMS Authenticated XXE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'OpenNMS Authenticated XXE', 'Description' = %q OpenNMS is vulnerable to XML External Entity Injection in the Real-Time Console...

7.1AI score

Packet Storm•added 2024/08/31 12:0 a.m.•445 views

Active Directory Certificate Services (ADCS) Privilege Escalation (Certifried)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Active Directory Certificate Services ADCS privilege escalation Certifried', 'Description' = %q This module exploits a privilege escalation...

9CVSS7AI score0.91596EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•265 views

CVE-2024-20767 Adobe Coldfusion Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2024-20767 - Adobe Coldfusion Arbitrary File Read', 'Description' = %q This module exploits an Improper Access Vulnerability in Adobe...

7.4CVSS7AI score0.94093EPSS

Exploits7

Packet Storm•added 2024/08/31 12:0 a.m.•170 views

Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...

9.8CVSS7AI score0.46929EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•210 views

SAP MaxDB Cons.exe Remote Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP MaxDB cons.exe Remote Command Injection', 'Description' = %q SAP MaxDB is prone to a remote command-injection vulnerability because the...

10CVSS7AI score0.89824EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•221 views

Oracle SMB Relay Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle SMB Relay Code Execution', 'Description' = %q This module will help you to get Administrator access to OS using an unprivileged Oracle...

Packet Storm•added 2024/08/31 12:0 a.m.•927 views

Hikvision IP Camera Unauthenticated Password Change Via Improper Authentication Logic

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hikvision IP Camera Unauthenticated Password Change Via Improper Authentication Logic', 'Description' = %q Many Hikvision IP cameras contain...

10CVSS7AI score0.94233EPSS

Exploits11

Packet Storm•added 2024/08/31 12:0 a.m.•257 views

NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load And Administrator Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset', 'Description' = %q The NVRmini 2...

7.5CVSS7AI score0.76234EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•163 views

JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure', 'Description' = %q SIEMENS IP-Camera CVMS2025-IR + CCMS2025, JVC IP-Camera...

Packet Storm•added 2024/08/31 12:0 a.m.•184 views

Android Mercury Browser Intent URI Scheme And Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Mercury Browser Intent URI Scheme and Directory Traversal Vulnerability', 'Description' = %q This module exploits an unsafe intent URI...

Packet Storm•added 2024/08/31 12:0 a.m.•157 views

NIS bootparamd Domain Name Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NIS bootparamd Domain Name Disclosure', 'Description' = %q This module discloses the NIS domain name from bootparamd. You must know a client...

Packet Storm•added 2024/08/31 12:0 a.m.•221 views

Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation', 'Description' = %q This module exploits a stacked SQL injection in order to...

7.5CVSS7AI score0.76014EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•140 views

VMWare Enumerate User Accounts

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Enumerate User Accounts', 'Description' = %Q This module will log into the Web API of VMWare and try to enumerate all the user accounts. I...

Packet Storm•added 2024/08/31 12:0 a.m.•147 views

Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

5CVSS7AI score0.88044EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•147 views

Ulterius Server File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ulterius Server File Download Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in Ulterius Server 'Ric...

7.5CVSS7AI score0.86498EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•159 views

Unitronics PCOM Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitronics PCOM Client', 'Description' = %q Unitronics Vision PLCs allow unauthenticated PCOM commands to query PLC registers. , 'Author' = 'Luis...

Packet Storm•added 2024/08/31 12:0 a.m.•202 views

Telnet Service Encryption Key ID Overflow Detection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telnet Service Encryption Key ID Overflow Detection', 'Description' = 'Detect telnet services vulnerable to the encrypt option Key ID overflow...

10CVSS7.1AI score0.92585EPSS

Exploits19

Packet Storm•added 2024/08/31 12:0 a.m.•205 views

NTP Mode 6 UNSETTRAP DRDoS Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 6 UNSETTRAP DRDoS Scanner', 'Description' = %q This module identifies NTP servers which permit mode 6 UNSETTRAP requests that can be use...

5CVSS6.7AI score0.92136EPSS

Exploits23

Packet Storm•added 2024/08/31 12:0 a.m.•175 views

NTP Mode 6 REQ_NONCE DRDoS Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 6 REQNONCE DRDoS Scanner', 'Description' = %q This module identifies NTP servers which permit mode 6 REQNONCE requests that can be used ...

5CVSS6.7AI score0.92136EPSS

Exploits23

Packet Storm•added 2024/08/31 12:0 a.m.•153 views

Nuuo Central Management Server Authenticated Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nuuo Central Management Server Authenticated Arbitrary File Download', 'Description' = %q The Nuuo Central Management Server allows an...

9.8CVSS7AI score0.67751EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•166 views

Rancher Authenticated API Credential Exposure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rancher Authenticated API Credential Exposure', 'Description' = %q An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6...

9.9CVSS7.4AI score0.79605EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•188 views

Apache Commons FileUpload and Apache Tomcat Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Commons FileUpload and Apache Tomcat DoS', 'Description' = %q This module triggers an infinite loop in Apache Commons FileUpload 1.0 throu...

7.5CVSS7.2AI score0.9265EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•146 views

PacketTrap TFTP Server 2.2.5459.0 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PacketTrap TFTP Server 2.2.5459.0 DoS', 'Description' = %q The PacketTrap TFTP server version 2.2.5459.0 can be brought down by sending a special...

5CVSS7AI score0.6635EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•141 views

Roundcube TimeZone Authenticated File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Roundcube TimeZone Authenticated File Disclosure', 'Description' = %q Roundcube Webmail allows unauthorized access to arbitrary files on the host...

7.8CVSS7AI score0.35939EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•153 views

Oracle TNS Listener SID Brute Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Brute Forcer', 'Description' = %q This module simply attempts to discover the protected SID. , 'Author' = 'MC' , 'License...

Packet Storm•added 2024/08/31 12:0 a.m.•188 views

marked npm module heading ReDenial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'marked npm module "heading" ReDoS', 'Description' = %q This module exploits a Regular Expression Denial of Service vulnerability in the npm modul...

7AI score

Packet Storm•added 2024/08/31 12:0 a.m.•210 views

Oracle RDBMS Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle RDBMS Login Utility', 'Description' = %q This module attempts to authenticate against an Oracle RDBMS instance using username and password...

7.2AI score0.37089EPSS

Exploits41

Packet Storm•added 2024/08/31 12:0 a.m.•196 views

BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure', 'Description' = %q This module exploits a...

7.5CVSS7AI score0.82177EPSS

Exploits15

Packet Storm•added 2024/08/31 12:0 a.m.•174 views

JBoss Seam 2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Seam 2 Remote Command Execution', 'Description' = %q JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for R...

8.8CVSS7.4AI score0.93535EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•200 views

Moxa Device Credential Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Moxa Device Credential Retrieval', 'Description' = %q The Moxa protocol listens on 4800/UDP and will respond to broadcast or direct traffic. The...

9.8CVSS7AI score0.49582EPSS

Exploits4

Packet Storm•added 2024/08/31 12:0 a.m.•136 views

GE Proficy Cimplicity WebView Substitute.bcl Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'GE Proficy Cimplicity WebView substitute.bcl Directory Traversal', 'Description' = %q This module abuses a directory traversal in G...

4.3CVSS7AI score0.09536EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•233 views

MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS10-065 Microsoft IIS 5 NTFS Stream Authentication Bypass', 'Description' = %q This module bypasses basic authentication for Internet Informatio...

6.8CVSS7AI score0.66776EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•372 views

Android Browser Remote Code Execution Through Google Play Store XFO

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser RCE Through Google Play Store XFO', 'Description' = %q This module combines two vulnerabilities to achieve remote code execution ...

5.8CVSS7.2AI score0.77565EPSS

Exploits7

Packet Storm•added 2024/08/31 12:0 a.m.•137 views

Apple Filing Protocol Info Enumerator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Filing Protocol Info Enumerator', 'Description' = %q This module fetches AFP server information, including server name, network address,...

Packet Storm•added 2024/08/31 12:0 a.m.•146 views

Cisco DCNM Auth Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' require 'base64' class MetasploitModule 'Cisco DCNM auth bypass', 'Description' = %q This exploit is able to add an admin account to a Cisco DCNM...

10CVSS7AI score0.85137EPSS

Exploits7

Packet Storm•added 2024/08/31 12:0 a.m.•212 views

IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service", 'Description' = %q This module exploits a denial of service condition...

Packet Storm•added 2024/08/31 12:0 a.m.•216 views

Cisco DLSw Information Disclosure Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'socket' class MetasploitModule 'Cisco DLSw Information Disclosure Scanner', 'Description' = %q This module implements the DLSw information disclosure retrieval...

5CVSS7.1AI score0.60801EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•238 views

Pi-Hole Top Domains API Authenticated Exec

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole Top Domains API Authenticated Exec', 'Description' = %q This exploits a command execution in Pi-Hole Web Interface API/Web inetrace page...

8.8CVSS7AI score0.61046EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•153 views

Microsoft Host Integration Server 2006 Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Host Integration Server 2006 Command Execution Vulnerability', 'Description' = %q This module exploits a command-injection vulnerabilit...

10CVSS7AI score0.8472EPSS

Exploits9

Packet Storm•added 2024/08/31 12:0 a.m.•255 views

ContentKeeper Web Appliance Mimencode File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ContentKeeper Web Appliance mimencode File Access', 'Description' = %q This module abuses the 'mimencode' binary present within ContentKeeper Web...