2 matches found
CVE-2024-5262
CVE-2024-5262 concerns a vulnerability in the SMB server component of ProjectDiscovery Interactsh. Technical details in connected sources identify that remote attackers can read/write any files within the directory and subdirectories where the interactsh-server runs, via anonymous login. This con...
CVE-2023-36474
CVE-2023-36474 concerns Interactsh server (self-hosted) where domains configured before v1.0.0 could be vulnerable to subdomain takeover. The default setup created a CNAME for the app subdomain pointing to projectdiscovery.github.io, enabling takeover and enabling an attacker to host arbitrary cl...