CVE-2019-1153

Related Files

Pulse Secure VPN Arbitrary Command Execution

Posted Nov 12, 2019

Authored by Orange Tsai, wvu, Meh Chang | Site metasploit.com

This Metasploit module exploits a post-auth command injection in the Pulse Secure VPN server to execute commands as root. The env(1) command is used to bypass application whitelisting and run arbitrary commands. Please see related module auxiliary/gather/pulse_secure_file_disclosure for a pre-auth file read that is able to obtain plaintext and hashed credentials, plus session IDs that may be used with this exploit. A valid administrator session ID is required in lieu of untested SSRF.

tags | exploit, arbitrary, root

advisories | CVE-2019-11539

SHA-256 | 6674132172219a30d7cdc8c399117a3d4c424e9e997b7824e6b1a2c5163f1072

Download | Favorite | View

Pulse Secure 8.1R15.1 / 8.2 / 8.3 / 9.0 SSL VPN Remote Code Execution

Posted Sep 6, 2019

Authored by Alyssa Herrera, Justin Wagner

Pulse Secure versions 8.1R15.1, 8.2, 8.3, and 9.0 SSL VPN remote code execution exploit.

tags | exploit, remote, code execution

advisories | CVE-2019-11539

SHA-256 | 428ddb0b67961d1a87be1c6c6acc41e678e23d1cbb23562598e8a6d6caf8b149

Download | Favorite | View

Microsoft Font Subsetting DLL FixSbitSubTableFormat1 Out-Of-Bounds Read

Posted Aug 15, 2019

Authored by Google Security Research, mjurczyk

Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in FixSbitSubTableFormat1.

tags | exploit

advisories | CVE-2019-1153

SHA-256 | 227cc5ff3a07c88a3b14f3890b2bb30fa613cfb16d0ecb9e4e0ffa9023c914ae

Download | Favorite | View