QNAP QTS version 4.2.1 Build 20160601 suffers from a cross site scripting vulnerability.
559a2c873cc88588570a681aea2d06fbbb6046cd8fdf54b9dbfec6256c89dda1
QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
448d8a4712caf953aec99fadb1be4168c93a5e989fce7c009cd8577b1290902f
QNAP QTS version 4.2.1 Build 20160601 suffers from an arbitrary file overwrite vulnerability.
1b6b302fa261390c5f0c6aa9787378c2eaa3685d815a17a90ab3bfb40b207096
QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
96a4d53ecd91f1a17608c43886a495fcf40a7eca582c4989e48e047118b247ce
QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from an OS command injection vulnerability.
892e6af51235735fae4ad4873dc7e3cc493bcb86a765cb905cdf1117cf7df8a9
QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
e766f0f6ff858161e23849a3310ffff9e284a377d2850c7d0aacd1f4541b45de
SIEMENS IP Camera CCMW1025 version x.2.2.1798 remote change admin user / password exploit.
e574218048ed693e31f4c6c1c0307b79dfa61879f56aa22331545be561d97c39
Honeywell IP-Camera HICC-1100PT suffers from an unauthenticated remote credential disclosure vulnerability.
c7e6e374ae953f8fbd0f9c1b224048c318f5e2d2a813014e246f1c1b1a4bc230
EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target's uptime and software version. Versions affected include 802, 803, 804, 805, 821, 822, 823, 824, 825, 831, 832, 841, 842, 843, 844. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Cisco is providing mitigations as a patch currently does not exist.
83777ebca2044d8fa4a7a63d7e547773a5635a73a48c9ed4b6c12e3c3006b0b2
ESCALATEPLOWMAN is a privilege escalation exploit for WatchGuard firewalls of unknown versions that injects code via the ifconfig command. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
c37b22787e9ddaa9d60b82f9dc16308b3ba221cdbf08473ee961d51b5a3415c6
EPICBANANA is a privilege escalation exploit for Cisco Adaptive Security Appliance (ASA) and Cisco Private Internet eXchange (PIX) devices. Exploitation takes advantage of default Cisco credentials (password: cisco). ASA versions affected include 711, 712, 721, 722, 723, 724, 80432, 804, 805, 822, 823, 824, 825, 831, 832 and PIX versions affected include 711, 712, 721, 722, 723, 724, 804. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
7a40affbc0fdeff9a5ab9a5130ea940d7fbd8480e3928286a3ef77ba66d79aad
ELIGIBLECONTESTANT is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP POST parameter injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
59848b46c37a5bd79164b01f6f26b13556c38be3e0e97299b73831a70f6daca1
ELIGIBLECANDIDATE is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP cookie command injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
01f69cb478b24ecc0b6ad0ff932da831c3cc213dfc04d3eb8664416465ac2181
ELIGIBLEBOMBSHELL is a remote code execution exploit for TOPSEC firewalls. It exploits an HTTP cookie command injection vulnerability and uses ETag examination for version detection. Versions affected include 3.2.100.010.1_pbc_17_iv_3 to 3.3.005.066.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
37995ac0e31ed0e1c4a5e6e4e4cf4250865281120cfb9042fed627c4fe480fa2
This is an exploit with an unclear attack vector for TOPSEC firewalls running TOS operating system versions 3.2.100.010, 3.3.001.050, 3.3.002.021 and 3.3.002.030. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
ae4f378ecbad405382fac8e24df03e338500f8f2240c84275feef4f4de371f1d
EGREGIOUSBLUNDER is a remote code execution exploit for Fortigate firewalls. It leverages an HTTP cookie overflow and is different from CVE-2006-6493 as noted by Avast. Models affected include 60, 60M, 80C, 200A, 300A, 400A, 500A, 620B, 800, 5000, 1000A, 3600, and 3600A. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
cb7ca3937e0c84ef93eb8359bf23c3cc67d0f661d4cae04a22803efdb1413e40
This Metasploit module will create a service on the box, and mark it for auto-restart.
79da7c70153554395ef5348119b04ecdb39ab60cb29fef4eae875f83f0352191
This Metasploit module will create a cron or crontab entry to execute a payload. The module includes the ability to automatically clean up those entries to prevent multiple executions. syslog will get a copy of the cron entry.
9793155803f506f6e27c18e5277bed947632ef874e5664d5251d4e9d7cb8c507
Siemens IP-Camera versions x.2.2.1798, CxMS2025_V2458_SP1, x.2.2.1798, and x.2.2.1235 suffer from an unauthenticated credential disclosure vulnerability.
6f66438ce50ec2d5fc732fa79d30cf3d29dcbb1b1a9b5a54690478fb7fa6a831
There exists a Microsoft Windows kernel win32k.sys FON font processing divide-by-zero exception in win32k!MAPPER::bFoundExactMatch.
86fb74f0e63010ff0a7fb4973eb0c6d1caaf2804f136ab3f0378d821bad93cd8
There exists a Microsoft GDI+ heap-based buffer overflow vulnerability in the handling of EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA records.
440b0349f3fb3326757edc43d915b3d78d5de13ebfbd99f1dedbbe5e5af5ad08
Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in DecodeCompressedRLEBitmap.
f844fc522185ba44ce4354d3b48adb145bfe386433316fd5ea471ef8d2828ce7
Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in ValidateBitmapInfo.
7b31bbc88836070948b74762707fba14655f55a51249826bb0bd82fc4dec8240
NetIQ Access Manager iManager versions 2.7.7.5 and 2.7.7.6 suffer from a cross site scripting vulnerability.
0d8b132a98ae866b25e976fa91c028b7f87513113e4275ea391b836b58886260
Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.
dcdfd8e2b303c612ea99f185e33cfd910d4a217f8d34dbe3ab23d1823435c694