Complete comprehensive archive of all 2,124 exploits added to Packet Storm in 2021.
b7f13cb98fb7c8149a410a1b37e37aea6681aa5615e242fa10edd124bd4eceb3
This archive contains all of the 121 exploits added to Packet Storm in December, 2021.
7871fe06c6472609af5db8722cadc21ae86d50b3517d3f9a3b22b06498f8348a
This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE (msiexec.exe) and execute it as the SYSTEM account. Note that build 11305 is vulnerable to the authentication bypass but not the file upload. The module will check for an exploitable build.
244ae2538bc9ec8f90e308561999a95ddf997764203cb31dbd2e32b039b73273
Terramaster F4-210 and F2-210 chained exploit that performs session crafting to achieve escalated privileges that then allows an attacker to access vulnerable code execution flaws. TOS versions 4.2.x are affected.
280fe87f73ebbd9b65c98174e56a305596930cb8ba4ec478c59ce61cce93ca5f
Backdoor.Win32.FTP.Simpel.12 malware uses MD5 with no salt for password storage.
fa0bad4b0d1e6b7e848560c99ab47053d8b73f2a4bcf7e8f3d5dbe9918824375
The Windows Explorer Preview Pane feature allows for spoofing of links contained in an HTML based file because upon moving the mouse over the link nothing happens and it cannot be right-clicked to show the actual target.
1275b5aeba88545381a682189becb0cad4288ce1bb6d7f8098c04512d9cff739
Backdoor.Win32.FTP.Simpel.12 malware suffers from a man-in-the-middle vulnerability.
6e5c371fe9d4183ded36eebcaa977f36dc3de85aaea04405823bc486dd893bc3
Backdoor.Win32.Visiotrol.10 malware suffers from an insecure password storage vulnerability.
26006253cbf2950c7d2354800cbbf3814299c513dd0af87e124bf174be43d8bc
Previewing a WMA/WMV media format on Windows Explorer through its Preview Pane causes embedded URLs to be automatically opened in the default browser without displaying any prompt.
98dcb4f9d45ba81e279bbac6bb698eabf35adbe152670fa610b74e3e1a69a142
Accu-Time Systems MAXIMUS version 1.0 telnetd buffer overflow exploit that causes a denial of service condition.
cb3f083fd9c31138bd2a66a3b9e0bb7a525331fdb5bc662e830c2b1678f2e60c
Aver EVC300 firmware version 00.10.16.36 suffers from having multiple hard-coded secrets that can allow for access bypass.
6c8b58eebefab883a476e7c0e7a31db4a47012aef0195c394bc77695927b4f87
Exponent CMS version 2.6 suffers from cross site scripting and brute forcing vulnerabilities.
ea1e4aaf18aef9097d35dcd6da19c02f95fd59f385a7feb1cf9542eeb9afd9e8
phpKF CMS version 3.00 Beta y6 unauthenticated remote code execution exploit.
f7242ccdc636c8bb776ba9042add92824daf4fdb254368f1fb1e6ed2544a8783
WBCE CMS versions 1.5.1 and below suffer from an administrative password reset vulnerability.
5f7737dbac2310dd0d2fc1d5f0b3bac5f2031d8c66a536c6c1ee2a4b5138f60a
This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in WordPress plugin Popular Posts versions 5.3.2 and below. The exploit chain is rather complicated. Authentication is required and gd for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60 second server cache refresh (the exploit waits 90 seconds), the homepage widget is loaded which triggers the plugin to download the payload from the server. The payload has a GIF header, and a double extension (.gif.php) allowing for arbitrary PHP code to be executed.
90db5fa8de8fdf34a913230d5320fbeba171c2aac53e75371d7b3d5919bde065
Bazaar Web PHP Social Listings suffers from a remote shell upload vulnerability.
f1629de60b9c1c66f85917fe4e27cf490f6caab55d5182d2047cf1df6cde10ab
Video Sharing Website version 1.0 appears to suffer from a remote SQL injection vulnerability.
2784313c95a531246f7199e48b5fedc0ea6d5e52978a87d8aae64cb4c78d0d35
Signup PHP Portal version 2.1 suffers from a remote shell upload vulnerability.
0ffc78db1554cc2312874b940b014bebbe2e06854b885e74b9060727a2e56e98
Alfa Team Shell Tesla version 4.1 suffers from a remote code execution vulnerability.
363374659febefa3f6d3f2659c5f5631aa41a3d73f84debd925e4dccbd81a349
This bug report describes a vulnerability in ART that allows normal applications to insert arbitrary code into unused executable memory in zygote and other applications.
0b76a7bc1be55f6a0ca439ea53194142e663f42e1e49261458b945a5c953244c
Backdoor.Win32.Mellpon.b malware suffers from an information leakage vulnerability.
761ceb8f508d6adbdde19c1cce59fa938edd0d4afe1594bd485de400ed400385
Backdoor.Win32.BNLite malware suffers from a buffer overflow vulnerability.
01bbd555cf9dca685c3ed68fd11fa393896d1ba2c6714e8b296fcfdf331a2623
Chrome suffers from a site isolation bypass vulnerability in NavigationPreloadRequest.
c9ae23bee94814ab6b61e9a833062d8e293e2578a25f1bb12700b1b43ab9d235
Chrome suffers from a heap use-after-free vulnerability in ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread.
71808e6bb0dde08cb3a27713b43d7dc091dfb113ccf137e1c64ebecc641c8d58
Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.
c59d2ce9fc476860bcf31c9b55f9ea51508a55eab0465bddfe51b527a15f6556