This Metasploit module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side of the router, but the attacker does not need any authentication to abuse it. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host. This vulnerability was discovered and exploited at Pwn2Own Tokyo 2019 by the Flashback team.
e92df66f65cf2445fb8664db83303e49
This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1.
a3748995cc709b3443e82aaf46013802
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.
3c5ce8d23e136fc9c676be617c2af95c
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
397556aadba7a2092a659fed9c8414af
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
1e84529c89e9de73b96a12d6dfe59a8b
A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.
c958ad3ac0a7a989d1f7f2c9f24fadb6
In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY control flag, it is possible to set an owner different to the caller, bypassing security checks.
5d3f5584e58e6901a002f9377a06e10b
Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges.
86b3a43f0e04663a4647981a2e122e3f
Ubuntu Security Notice 4330-1 - It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.
0fda62773a60658789b8a8c4895924f6
AirDisk Pro version 5.5.3 for iOS suffers from multiple persistent cross site scripting vulnerabilities.
72313b2c173c70273210d0849604c569
CA Technologies, A Broadcom Company, is alerting customers to multiple vulnerabilities in CA API Developer Portal. Multiple vulnerabilities exist that can allow attackers to bypass access controls, view or modify sensitive information, perform open redirect attacks, or elevate privileges. CA published solutions to address these vulnerabilities and recommends that all affected customers implement these solutions. Versions 4.2.x and below as well as 4.3.1 are affected.
41ea12d4bc41579c50f99b2ac4038d04
SeedDMS version 5.1.18 suffers from multiple persistent cross site scripting vulnerabilities.
6d09f2baef98772de05867725345ecfc
Macs Framework version 1.14f suffers from cross site scripting and remote SQL injection vulnerabilities.
2342bcf2b5644937d874a9d0216d7648
File Transfer iFamily version 2.1 suffers from a directory traversal vulnerability.
ebddbc353e67d87cba2b2731cac974d1
SuperBackup version 2.0.5 for iOS suffers from a persistent cross site scripting vulnerability.
b38fee9254f243aad26218abafa9c63f
DedeCMS version 7.5 SP2 suffers from multiple persistent cross site scripting vulnerabilities.
cd386484581015658d08a7be59921b13
DedeCMS version 7.5 SP2 suffers from multiple cross site scripting vulnerabilities.
d16df83b666b2c7a6d63f3fab899343a
The Bundeswehr Karriere portal suffered from multiple cross site scripting vulnerabilities.
de1f3d2b8b6eb34d152c970b16a0b4bf
Whitepaper called Exploiting CAN-Bus using Instrument Cluster Simulator.
ea95d8c2ce4151c44d8dae29b04bfcd2
BlazeDVD version 7.0.2 SEH buffer overflow exploit.
d83c614b5afbdff4acfcd53cdf993f6a
Pinger version 1.0 suffers from a remote code execution vulnerability.
f7948410c34787bae48a24f3ba7e266e
SkyWrapper is a tool from CyberArk that helps to discover suspicious creation forms and uses of temporary tokens in AWS.
7b35e6be72ce242f33ef5341a30467d6
Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). It was discovered that in the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor could in some situations miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory).
447f0d1c5c178b42193ae361cc92d87a
Matrix42 Workspace Management version 9.1.2.2765 suffers from a persistent cross site scripting vulnerability.
d7622e1b5af76e87a0ba3b19190d51a8
Ubuntu Security Notice 4329-1 - Felix Wilhelm discovered that Git incorrectly handled certain URLs that included newlines. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
de51f35adc96924b72137aa00fca4fd1