MSI Ambient Link Driver 1.0.0.8 – Local Privilege Escalation
September 29th, 2020 📆 | 1941 Views ⚑
*] *]/* Exploit Title: MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation Date: 2020-09-24 Exploit Author: Matteo Malvica Vendor
Browsing the "privilege" Tag
Tagged with: ambient • CVE-2020-17382 • driver • escalation • link • local • MSI • privilege • windows
MSI Ambient Link Driver 1.0.0.8 Privilege Escalation ≈ Packet Storm
September 29th, 2020 📆 | 7745 Views ⚑
*]/**]Exploit Title: MSI Ambient Link Driver 1.0.0.8 – Local Privilege Escalation*]Date: 2020-09-24*]Exploit Author: Matteo Malvica*]Vendor Homepage: https://www.msi.com*]Software Link: https://msi.gm/ABLTMNB*]Driver: MSIO64.sys*]SHA256:
Tagged with: advisory • ambient • CSRF • driver • escalation • exploit • link • MSI • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • XSS
GoogleCloudPlatform OSConfig Privilege Escalation
September 23rd, 2020 📆 | 3759 Views ⚑
Google’s osconfig agent was vulnerable to local privilege escalation due to relying on a predictable path inside the /tmp directory.
Tagged with: advisory • CSRF • escalation • exploit • googlecloudplatform • osconfig • overflow • privilege • scanner • security • vulnerability • whitepaper • XSS
VyOS restricted-shell Escape / Privilege Escalation ≈ Packet Storm
September 21st, 2020 📆 | 5479 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require ‘net/ssh’require ‘net/ssh/command_stream’ class MetasploitModule < Msf::Exploit::RemoteRank = GreatRanking include Msf::Exploit::Remote::SSHinclude
Tagged with: advisory • CSRF • escalation • escape • exploit • overflow • packet • privilege • restricted • restrictedshell • scanner • security • shell • storm • vulnerability • VyOS • whitepaper • XSS
Microsoft Spooler Local Privilege Elevation ≈ Packet Storm
September 18th, 2020 📆 | 6738 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::LocalRank = ExcellentRanking include Msf::Post::Commoninclude Msf::Post::Fileinclude Msf::Post::Windows::Privinclude Msf::Exploit::EXE
Tagged with: advisory • CSRF • elevation • exploit • local • microsoft • overflow • packet • privilege • scanner • security • spooler • storm • vulnerability • whitepaper • XSS
DnsAdmin ServerLevelPluginDll Feature Abuse Privilege Escalation ≈ Packet Storm
September 11th, 2020 📆 | 8455 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require ‘metasploit/framework/compiler/windows’ class MetasploitModule < Msf::Exploit::LocalRank = NormalRanking include Msf::Post::Fileinclude Msf::Post::Windows::Privinclude
Tagged with: abuse • advisory • CSRF • dnsadmin • escalation • exploit • feature • overflow • packet • privilege • scanner • security • serverlevelplugindll • storm • vulnerability • whitepaper • XSS
Microsoft Windows CloudExperienceHostBroker Privilege Escalation
September 9th, 2020 📆 | 6321 Views ⚑
The CloundExperienceHostBroker hosts unsafe COM objects accessible to a normal user leading to elevation of privilege. Source link
Tagged with: advisory • cloudexperiencehostbroker • CSRF • escalation • exploit • microsoft • overflow • privilege • scanner • security • vulnerability • whitepaper • windows • XSS
Microsoft Windows StorageFolder Marshaled Object Access Check Bypass / Privilege Escalation
September 9th, 2020 📆 | 5367 Views ⚑
The StorageFolder class when used out of process can bypass security checks to read and write files not allowed to
Tagged with: access • advisory • bypass • check • CSRF • escalation • exploit • marshaled • microsoft • object • overflow • privilege • scanner • security • storagefolder • vulnerability • whitepaper • windows • XSS
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
September 9th, 2020 📆 | 6325 Views ⚑
Critical Intel Active Management Technology Flaw Allows Privilege Escalation Source link
Tagged with: active • allows • critical • critical flaw • escalation • flaw • hacks • intel • intel patch • intel security • malware • management • Mobile Security • patch • privacy • privilege • privilege escalation flaw • security-flaw • technology • vulnerabilities • Web Security
Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation ≈ Packet Storm
September 8th, 2020 📆 | 7105 Views ⚑
Rapid7 Nexpose Installer 6.6.39 Local Privilege Escalation Vendor: Rapid7Product web page: https://www.rapid7.comAffected version: < =6.6.39 Summary: Rapid7 Nexpose is a
Tagged with: advisory • CSRF • escalation • exploit • installer • local • nexpose • overflow • packet • privilege • rapid7 • scanner • security • storm • vulnerability • whitepaper • XSS
macOS cfprefsd Arbitrary File Write / Local Privilege Escalation ≈ Packet Storm
September 8th, 2020 📆 | 6016 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::LocalRank = ExcellentRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Post::Fileinclude Msf::Post::OSX::Privinclude Msf::Post::OSX::Systeminclude
Tagged with: advisory • arbitrary • cfprefsd • CSRF • escalation • exploit • File • local • macos • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • write • XSS
Pulse Secure Windows Client Privilege Escalation
September 4th, 2020 📆 | 1555 Views ⚑
The Windows client for Pulse Secure versions prior to 9.1.6 have a TOCTOU bug that allows an attacker to escalate
Tagged with: advisory • client • CSRF • escalation • exploit • overflow • privilege • pulse • scanner • secure • security • vulnerability • whitepaper • windows • XSS
Sagemcom [email protected] 5280 Privilege Escalation ≈ Packet Storm
September 2nd, 2020 📆 | 5370 Views ⚑
Source link
Tagged with: advisory • CSRF • escalation • exploit • FST • overflow • packet • privilege • sagemcom • scanner • security • storm • vulnerability • whitepaper • XSS
Eibiz i-Media Server Digital Signage 3.8.0 – Privilege Escalation
August 29th, 2020 📆 | 2967 Views ⚑
# Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation # Date: 2020-08-28 # Exploit Author: LiquidWorm #
Tagged with: digital • eibiz • escalation • hardware • iMedia • media • privilege • server • signage • webapps
SUPERAntiSpyware Professional X Trial Privilege Escalation ≈ Packet Storm
August 28th, 2020 📆 | 6218 Views ⚑
# Exploit Title: SUPERAntiSpyware Professional X Trial < 10.0.1206 Local Privilege Escalation# Date: 2020-08-28# Exploit Author: b1nary# Vendor Homepage: https://www.superantispyware.com/#
Tagged with: advisory • CSRF • escalation • exploit • overflow • packet • privilege • professional • scanner • security • storm • superantispyware • trial • vulnerability • whitepaper • XSS
Microsoft Windows CmpDoReDoCreateKey Arbitrary Registry Key Creation Privilege Escalation
August 22nd, 2020 📆 | 8436 Views ⚑
The handling of KTM logs does not limit Registry Key operations to the loading hive leading to elevation of privilege.
Tagged with: advisory • arbitrary • cmpdoredocreatekey • creation • CSRF • escalation • exploit • key • microsoft • overflow • privilege • registry • scanner • security • vulnerability • whitepaper • windows • XSS
Microsoft Windows CmpDoReadTxRBigLogRecord Memory Corruption Privilege Escalation
August 22nd, 2020 📆 | 8065 Views ⚑
The handling of KTM logs when initializing a Registry Hive contains no bounds checks which results in privilege escalation. Source
Tagged with: advisory • cmpdoreadtxrbiglogrecord • corruption • CSRF • escalation • exploit • memory • microsoft • overflow • privilege • scanner • security • vulnerability • whitepaper • windows • XSS
Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover ≈ Packet Storm
August 22nd, 2020 📆 | 6108 Views ⚑
#!/usr/bin/env python3# -*- coding: utf-8 -*-### Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover### Vendor: EIBIZ
Tagged with: account • advisory • CSRF • digital • eibiz • escalation • exploit • iMedia • media • overflow • packet • privilege • remote • scanner • security • server • signage • storm • takeover • vulnerability • whitepaper • XSS
BarracudaDrive 6.5 Local Privilege Escalation ≈ Packet Storm
August 11th, 2020 📆 | 3816 Views ⚑
# Exploit Title: BarracudaDrive v6.5 – User->System – Local Privilege Escalation# Exploit Author: Bobby Cooke (boku) & Adeeb Shah (@hyd3sec)
Tagged with: advisory • barracudadrive • CSRF • escalation • exploit • local • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • XSS
Cisco 7937G Privilege Escalation ≈ Packet Storm
August 11th, 2020 📆 | 7728 Views ⚑
# Exploit Title: Cisco 7937G Prvilege Escalation MSF Module# Date: 2020-08-10# Exploit Author: Cody Martin# Vendor Homepage: https://cisco.com# Version: <
Tagged with: 7937g • advisory • cisco • CSRF • escalation • exploit • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • XSS
Gantt-Chart For Jira 5.5.3 Missing Privilege Check ≈ Packet Storm
August 5th, 2020 📆 | 7866 Views ⚑
—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA512 Advisory ID: SYSS-2020-029Product: Jira module “Gantt-Chart for Jira”Manufacturer: Frank Polscheit – Solutions & IT-ConsultingAffected Version(s):
Tagged with: advisory • chart • check • CSRF • exploit • gantt • GanttChart • Jira • missing • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • XSS
Microsoft Windows Win32k Privilege Escalation ≈ Packet Storm
August 4th, 2020 📆 | 5325 Views ⚑
# Exploit Title: Elevation of Privilege# Author: nu11secur1ty# Date: 08.03.2020# Exploit Date: 01/14/2020# Vendor: Microsoft# Software Link:https://support.microsoft.com/en-us/help/3095649/win32k-sys-update-in-windows-october-2015# Exploit link:https://github.com/nu11secur1ty/Windows10Exploits/raw/master/Undefined/CVE-2020-0624/win32k/__32-win32k.sys5.1.2600.1330.zip# CVE:
Tagged with: advisory • CSRF • escalation • exploit • microsoft • overflow • packet • privilege • scanner • security • storm • vulnerability • whitepaper • win32k • windows • XSS
FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation ≈ Packet Storm
August 1st, 2020 📆 | 4707 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::LocalRank = GreatRanking prepend Msf::Exploit::Remote::AutoCheckinclude Msf::Post::Fileinclude Msf::Post::Unixinclude Msf::Exploit::EXEinclude
Tagged with: advisory • after • CSRF • escalation • exploit • freebsd • ip6setpktopt • overflow • packet • privilege • scanner • security • setpktopt • storm • UseAfterFree • vulnerability • whitepaper • XSS
MAMP PRO 4.2.0 Local Privilege Escalation ≈ Packet Storm
July 30th, 2020 📆 | 7314 Views ⚑
# Exploit Title: MAMP PRO 4.2.0 Local Privilege Escalation# Date: 2020-07-08# Exploit Author: b1nary# Vendor Homepage: https://www.mamp.info/# Software Link: https://downloads.mamp.info/MAMP-PRO-WINDOWS/releases/4.2.0/MAMP_MAMP_PRO_4.2.0.exe#
Tagged with: advisory • CSRF • escalation • exploit • local • MAMP • overflow • packet • privilege • Pro • scanner • security • storm • vulnerability • whitepaper • XSS
Popular
Cabot 0.11.12 – Persistent Cross-Site Scripting September 7, 2020 # Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting #…
CyberRisk Alliance Acquires Security Weekly September 8, 2020 NEW YORK, Sept. 08, 2020 (GLOBE NEWSWIRE) -- CyberRisk Alliance…
Dominic Cummings’ plan to build UK Google… September 10, 2020 UK Prime Minister Boris Johnson's top adviser, Dominic Cummings, is…
Windows XP Source Code Leaked By Apparent Bill Gates… September 25, 2020 It’s probably not the biggest security issue that Microsoft is…
Zerologon Proof Of Concept September 17, 2020 Proof of concept exploit for the Windows Zerologon vulnerability as…
European ISPs report mysterious wave of DDoS attacks September 5, 2020 More than a dozen internet service providers (ISPs) across Europe…
UHS hospital network hit by ransomware attack September 28, 2020 Universal Health Services (UHS), a Fortune 500 company and one…
Members
Comments