QNAP QTS version 4.2.1 Build 20160601 suffers from a cross site scripting vulnerability.
559a2c873cc88588570a681aea2d06fbbb6046cd8fdf54b9dbfec6256c89dda1QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
448d8a4712caf953aec99fadb1be4168c93a5e989fce7c009cd8577b1290902fQNAP QTS version 4.2.1 Build 20160601 suffers from an arbitrary file overwrite vulnerability.
1b6b302fa261390c5f0c6aa9787378c2eaa3685d815a17a90ab3bfb40b207096QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
96a4d53ecd91f1a17608c43886a495fcf40a7eca582c4989e48e047118b247ceQNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from an OS command injection vulnerability.
892e6af51235735fae4ad4873dc7e3cc493bcb86a765cb905cdf1117cf7df8a9QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
e766f0f6ff858161e23849a3310ffff9e284a377d2850c7d0aacd1f4541b45deSIEMENS IP Camera CCMW1025 version x.2.2.1798 remote change admin user / password exploit.
e574218048ed693e31f4c6c1c0307b79dfa61879f56aa22331545be561d97c39Honeywell IP-Camera HICC-1100PT suffers from an unauthenticated remote credential disclosure vulnerability.
c7e6e374ae953f8fbd0f9c1b224048c318f5e2d2a813014e246f1c1b1a4bc230EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target's uptime and software version. Versions affected include 802, 803, 804, 805, 821, 822, 823, 824, 825, 831, 832, 841, 842, 843, 844. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Cisco is providing mitigations as a patch currently does not exist.
83777ebca2044d8fa4a7a63d7e547773a5635a73a48c9ed4b6c12e3c3006b0b2ESCALATEPLOWMAN is a privilege escalation exploit for WatchGuard firewalls of unknown versions that injects code via the ifconfig command. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
c37b22787e9ddaa9d60b82f9dc16308b3ba221cdbf08473ee961d51b5a3415c6EPICBANANA is a privilege escalation exploit for Cisco Adaptive Security Appliance (ASA) and Cisco Private Internet eXchange (PIX) devices. Exploitation takes advantage of default Cisco credentials (password: cisco). ASA versions affected include 711, 712, 721, 722, 723, 724, 80432, 804, 805, 822, 823, 824, 825, 831, 832 and PIX versions affected include 711, 712, 721, 722, 723, 724, 804. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
7a40affbc0fdeff9a5ab9a5130ea940d7fbd8480e3928286a3ef77ba66d79aadELIGIBLECONTESTANT is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP POST parameter injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
59848b46c37a5bd79164b01f6f26b13556c38be3e0e97299b73831a70f6daca1ELIGIBLECANDIDATE is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP cookie command injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
01f69cb478b24ecc0b6ad0ff932da831c3cc213dfc04d3eb8664416465ac2181ELIGIBLEBOMBSHELL is a remote code execution exploit for TOPSEC firewalls. It exploits an HTTP cookie command injection vulnerability and uses ETag examination for version detection. Versions affected include 3.2.100.010.1_pbc_17_iv_3 to 3.3.005.066.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.
37995ac0e31ed0e1c4a5e6e4e4cf4250865281120cfb9042fed627c4fe480fa2This is an exploit with an unclear attack vector for TOPSEC firewalls running TOS operating system versions 3.2.100.010, 3.3.001.050, 3.3.002.021 and 3.3.002.030. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
ae4f378ecbad405382fac8e24df03e338500f8f2240c84275feef4f4de371f1dEGREGIOUSBLUNDER is a remote code execution exploit for Fortigate firewalls. It leverages an HTTP cookie overflow and is different from CVE-2006-6493 as noted by Avast. Models affected include 60, 60M, 80C, 200A, 300A, 400A, 500A, 620B, 800, 5000, 1000A, 3600, and 3600A. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.
cb7ca3937e0c84ef93eb8359bf23c3cc67d0f661d4cae04a22803efdb1413e40This Metasploit module will create a service on the box, and mark it for auto-restart.
79da7c70153554395ef5348119b04ecdb39ab60cb29fef4eae875f83f0352191This Metasploit module will create a cron or crontab entry to execute a payload. The module includes the ability to automatically clean up those entries to prevent multiple executions. syslog will get a copy of the cron entry.
9793155803f506f6e27c18e5277bed947632ef874e5664d5251d4e9d7cb8c507Siemens IP-Camera versions x.2.2.1798, CxMS2025_V2458_SP1, x.2.2.1798, and x.2.2.1235 suffer from an unauthenticated credential disclosure vulnerability.
6f66438ce50ec2d5fc732fa79d30cf3d29dcbb1b1a9b5a54690478fb7fa6a831There exists a Microsoft Windows kernel win32k.sys FON font processing divide-by-zero exception in win32k!MAPPER::bFoundExactMatch.
86fb74f0e63010ff0a7fb4973eb0c6d1caaf2804f136ab3f0378d821bad93cd8There exists a Microsoft GDI+ heap-based buffer overflow vulnerability in the handling of EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA records.
440b0349f3fb3326757edc43d915b3d78d5de13ebfbd99f1dedbbe5e5af5ad08Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in DecodeCompressedRLEBitmap.
f844fc522185ba44ce4354d3b48adb145bfe386433316fd5ea471ef8d2828ce7Microsoft GDI+ out-of-bounds write proof of concept exploit that works due to invalid pointer arithmetic in ValidateBitmapInfo.
7b31bbc88836070948b74762707fba14655f55a51249826bb0bd82fc4dec8240NetIQ Access Manager iManager versions 2.7.7.5 and 2.7.7.6 suffer from a cross site scripting vulnerability.
0d8b132a98ae866b25e976fa91c028b7f87513113e4275ea391b836b58886260Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.
dcdfd8e2b303c612ea99f185e33cfd910d4a217f8d34dbe3ab23d1823435c694
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed