January 16th, 2021 📆 | 1540 Views ⚑
Hello, Please find a text-only version below sent to security mailing lists. The complete version on “Multiple vulnerabilities found in
January 13th, 2021 📆 | 4908 Views ⚑
# Exploit Title: SmartAgent 3.1.0 - Privilege Escalation # Date: 01-11-2021 # Exploit Author: Orion Hridoy # Vendor Homepage: https://www.smartagent.io/
January 13th, 2021 📆 | 5090 Views ⚑
# Exploit Title: SmartAgent 3.1.0 – Privilege Escalation# Date: 01-11-2021# Exploit Author: Orion Hridoy# Vendor Homepage: https://www.smartagent.io/# Version: Build 3.1.0#
January 13th, 2021 📆 | 3983 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule < Msf::Exploit::Localinclude Exploit::EXEinclude Msf::Post::Fileinclude Msf::Post::Windows::Privinclude Msf::Post::Windows::Processinclude Msf::Post::Windows::ReflectiveDLLInjectioninclude Msf::Post::Windows::Dotnetinclude Msf::Post::Windows::Servicesinclude
January 12th, 2021 📆 | 7989 Views ⚑
# Exploit Title: EyesOfNetwork 5.3 – RCE & PrivEsc# Date: 10/01/2021# Exploit Author: Audencia Business SCHOOL Red Team# Vendor Homepage:
January 9th, 2021 📆 | 7061 Views ⚑
# Exploit Title: PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation # Exploit Author: 1F98D # Original Author: securifera #
January 8th, 2021 📆 | 4232 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: https://malvuln.com/advisory/bba63df41adcf2cf80c74e4a62539d44.txtContact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Agent.dcbhVulnerability: Insecure Permissions EoPDescription: Drops an executable
January 8th, 2021 📆 | 4013 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: https://malvuln.com/advisory/7bd93c10c9373cfc2bcc8eff712631f1.txtContact: [email protected]: twitter.com/malvuln Threat: Backdoor.Win32.Xtreme.yvpVulnerability: Insecure Permissions EoPDescription: Change permissions are
January 8th, 2021 📆 | 7540 Views ⚑
# Exploit Title: PaperStream IP (TWAIN) 1.42.0.5685 – Local Privilege Escalation# Exploit Author: 1F98D# Original Author: securifera# Date: 12 May
January 5th, 2021 📆 | 1625 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/099a169f81089dc493ea300ef0309f70.txtContact: [email protected]: twitter.com/malvuln Threat: Trojan.Win32.Bayrob.cgauVulnerability: Insecure Permissions EoP (SYSTEM)Description: Change permissions
January 4th, 2021 📆 | 7736 Views ⚑
Discovery / credits: malvuln – Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/f4d7d721f68bc9a80aaf53bc184a3c58.txtContact: [email protected]: twitter.com/malvuln Threat: PhorpiexVulnerability: Insecure permissions EoPDescription: Change permissions are
December 23rd, 2020 📆 | 2838 Views ⚑
CVE-2020-0986, which was exploited in the wild, was not fixed. The vulnerability still exists, just the exploitation method had to
December 23rd, 2020 📆 | 7137 Views ⚑
Details======= Subject: Local Privilege EscalationProduct: SUPREMO by Nanosystems S.r.l.Vendor Homepage: https://www.supremocontrol.com/Vendor Status: fixed version releasedVulnerable Version: 4.1.3.2348 (No other version
December 23rd, 2020 📆 | 2448 Views ⚑
Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio, if gradle-wrapper.properties setdistributionUrl=https://services.gradle.org/distributions/gradle-2.6-all.zip,then android studio will
December 22nd, 2020 📆 | 8007 Views ⚑
Stratodesk NoTouch Center Virtual Appliance is a portal for managing NoTouch clients. It appears that Stratodesk has a partnership with
December 21st, 2020 📆 | 5160 Views ⚑
# Exploit Title: Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation # Date: 03.12.2020 # Exploit Author: Maximilian Barz
December 16th, 2020 📆 | 3677 Views ⚑
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## require ‘msf/core/post/file’require ‘msf/core/exploit/exe’require ‘msf/core/post/windows/priv’ class MetasploitModule < Msf::Exploit::LocalRank = NormalRanking include
December 15th, 2020 📆 | 4631 Views ⚑
# Exploit Title: Macally WIFISD2-2A82 2.000.010 – Guest to Root Privilege Escalation# Date: 03.12.2020 # Exploit Author: Maximilian Barz and
December 10th, 2020 📆 | 7056 Views ⚑
The Microsoft Windows Cloud Filter driver can be abused to create arbitrary files and directories leading to elevation of privilege.
December 10th, 2020 📆 | 2570 Views ⚑
The Microsoft Windows Cloud Filter access check does not take into account restrictions such as Mandatory Labels allowing a user
The best security conferences of 2021 December 21, 2020 The COVID-19 pandemic certainly threw a monkey wrench into the…
A second hacking group has targeted SolarWinds systems December 21, 2020 As forensic evidence is slowly being unearthed in the aftermath…
GitLab 11.4.7 – Remote Code Execution (Authenticated) December 20, 2020 # Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution (No…
Rioters Open Capitol’s Doors to Potential Cyberthreats January 7, 2021 Business Continuity Management / Disaster Recovery , Critical Infrastructure Security…
WordPress Contact Form 7 5.3.1 Shell Upload ≈ Packet Storm December 22, 2020 # Exploit Title: Wordpress Plugin Contact Form 7 5.3.1 -…
Windows 10 bug corrupts your hard drive on seeing… January 15, 2021 An unpatched zero-day in Microsoft Windows 10 allows attackers to…Oracle Solaris SunSSH PAM parse_user_name() Buffer… December 18, 2020 ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule…
Comments