LOLDriver version 1.3-x64 proof of concept memory corruption exploit.
a330abffaaadfd62570ff07c8df013554081bb33cab314ff75bd805bebba1f05Sonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.
058ee4560dcd1576fb23b43fa5fe3a3d28b656aedb5f932919ce0ded272f97b3Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.
ed35a3243301479f8f9b453927d581a3dab42f8438d6ee27f9608582962fb66fSonicwall version 8.1.0.2-14sv importlogo/sitecustomization remote command execution exploit.
bad044d4acf954bf0f910ffc7f39881c4498bc687a9f36640cd739cd6638bdc3Citrix SD-WAN version 9.1.2.26.561201 logout cookie pre-authentication remote command injection exploit.
a9d18103386b7c5413eb695eaee5e1020ef143fa405d4b964605ff5561db732dSonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
329940cf4063e7a9fb0d94eae38b5e003d9143b085469fa57ef97279bed2d20eBarracuda Load Balancer Firmware versions 6.0.1.006 (2016-08-19) and below post-authentication remote root exploit.
761cc64c788d41c81b773e2661fb538a8d4516f8a3c77082756bc9a65c69ee93Sophos Web Appliance version 4.3.0.2 reporting JSON trafficType remote command injection exploit.
b7c8712bb8d62608c24d118744810037b7c47dba41c89048cac2b15b57b84234This Metasploit module exploits a remote command execution vulnerability in the Sonicwall SRA Appliance versions 8.1.0.2-14sv and below. The vulnerability exists in a section of the machine's administrative interface for performing configurations related to on-connect scripts to be launched for users connecting.
ee018dd39831a98879da701a3b32d457caca08abf9e8f7998865190e3fb7e893This Metasploit module exploits a remote command execution vulnerability in the Sonicwall SRA Appliance versions 8.1.0.2-14sv and below. The vulnerability exists in a section of the machine's administrative interface for performing configurations related to on-connect scripts to be launched for users connecting.
e5debce7ddf1f32b39ab4ebafe3798788f7bac257c170fec0012a53ab9729588This Metasploit module exploits a remote command execution vulnerability in the Sophos Web Appliance versions 4.2.1.3 and below. The vulnerability exists in a section of the machine's administrative interface for performing diagnostic network tests with wget and unsanitized user supplied information.
7db483f4c13c510be0772b6ca810c42aab21ae2d4566ceb664f88a68ec7e033cThis Metasploit module exploits two separate remote command injection vulnerabilities in the Sophos Web Appliance versions 4.2.1.3 and below via the web administration interface. By sending a specially crafted request it's possible to inject system commands
7c4b3bbdbc3b0206bfe31759b404dcf843c219914e256a2ec58afefa528e061cSophos Web Appliance version 4.2.1.3 is vulnerable to two remote command injection vulnerabilities.
545641ea8be8bc213ed17b9bb9c8d8511001c33b8803e8aeeba5626c4a9d867cThis Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
e629172103ae4ff6e305d3b64279d72809b63af1ee85c6af41c91df3db7d9d96This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
ada1acb74888da1ee068093d1bfd8b3f3fa7cbe886c53bffebec80de7451a35eThis Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.007 and Load Balancer Firmware <= v5.4.0.004 by exploiting a two vulnerabilities in the web administration interface. The first bug leverages a Arbitrary File Upload vulnerability to create a malicious file containing shell commands before using a second bug meant to clean up left-over core files on the device to execute them. By sending a specially crafted requests it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
c5cbb5353489330f723faa90c0811bb577e0e6462b9b934b977a12a22fc05e6eThis Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware version 8.0.1.007 and below and Load Balancer Firmware versions 5.4.0.004 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
1140a40daee90570960cfd7f3c6d5cd7ddfbca7468a85535b18619b259be1089This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
808ddc4f2e9d4a40b867ca92e98217e9170d718d92040b6e9e8b3c8f3b5a6144This Metasploit module exploits a remote command execution vulnerability in Barracuda Firmware versions 5.0.0.012 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
47ed3ef4957c8e0f48670b15bb88acf48f64853701b5565f1f077b80177cbc5aThis Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.
c70e7201fb6677429aa372f8e4d78ab8b21364ee9a98a1ffc919b117d64949be278 byte shellcode for Solaris that downloads a binary named evil-dl from a host and saves it to /tmp/ff and then executes it.
bf7207f4db48a0b9dde6f35a1c6b899fc0c0213145bbf35b353cba491c4e83f3372 byte socket-proxy shellcode for Linux on x86.
433765238af6b29c9039efca01cdbde5d458010e03af10626c35d6b7f3e86c9190 byte connect back shellcode for Linux on x86.
34677ae2cc62c081beeb6ed4432ef2371fd2e9b8491caa7d9d91e10a202353a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed