what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2024-08-23

Ray cpu_profile Command Injection
Posted Aug 23, 2024
Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com

This Metasploit module demonstrates a command injection vulnerability in Ray via cpu_profile.

tags | exploit
advisories | CVE-2023-6019
SHA-256 | 8df2df72517b571d9dd8bd6cfcba7d7a0e2e3adcc491da6ac95c7d5c7f943993
Ray Agent Job Remote Code Execution
Posted Aug 23, 2024
Authored by sierrabearchell, byt3bl33d3r, Takahiro Yokoyama | Site metasploit.com

This Metasploit modules demonstrates remote code execution in Ray via the agent job submission endpoint. This is intended functionality as Ray's main purpose is executing arbitrary workloads. By default Ray has no authentication.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2023-48022
SHA-256 | 276fa27f2b7f4e3368e29c64a43eb5175c7a06d6b1f36b8ce2b8c3203b044082
DiCal-RED 4009 Information Disclosure
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides a network server on TCP port 2101. This service does not seem to process any input, but it regularly sends data to connected clients. This includes operation messages when they are processed by the device. An unauthenticated attacker can therefore gain information about current emergency situations and possibly also emergency vehicle positions or routes.

tags | exploit, tcp
advisories | CVE-2024-36441
SHA-256 | ab5d94c2a1f0e4d8bfcda084e05a40a114001865191d658dc9600e79c80e6702
DiCal-RED 4009 Outdated Third Party Components
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2016-5195, CVE-2016-7406, CVE-2019-1281
SHA-256 | ac46a5297fc9b5ee7331f8918ab83a70fa899f2cf27a29ac3f89865c35bbf946
DiCal-RED 4009 Log Disclosure
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 is vulnerable to unauthorized log access and other files on the device's file system due to improper authentication checks.

tags | exploit
advisories | CVE-2024-36444
SHA-256 | 22505e01eb5b8d58240173b875a10f1ce90aedba603dcb8c2cab2ffb9c7b12b6
DiCal-RED 4009 Path Traversal
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 has an administrative web interface that is vulnerable to path traversal attacks in several places. The functions to download or display log files can be used to access arbitrary files on the device's file system. The upload function for new license files can be used to write files anywhere on the device's file system - possibly overwriting important system configuration files, binaries or scripts. Replacing files that are executed during system operation results in a full compromise of the whole device.

tags | exploit, web, arbitrary
advisories | CVE-2024-36442
SHA-256 | 7c7db8db22b8d44815d0c4d1894bb2b5c72cd299da13c7d7e62d1b7f68ee685e
DiCal-RED 4009 Cryptography Failure
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides an administrative web interface that requests the administrative system password before it can be used. Instead of submitting the user-supplied password, its MD5 hash is calculated on the client side and submitted. An attacker who knows the hash of the correct password but not the password itself can simply replace the value of the password URL parameter with the correct hash and subsequently gain full access to the administrative web interface.

tags | exploit, web
advisories | CVE-2024-36439
SHA-256 | be90b2b3ba74aa9d5ebd8ad42a421183d9736ccd9ae6ba44a68eee851329062e
DiCal-RED 4009 Weak Hashing
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 has a password that is stored in the file /etc/deviceconfig as a plain MD5 hash, i.e. without any salt or computational cost function.

tags | exploit
advisories | CVE-2024-36440
SHA-256 | 4631bb7b250de8fee1eca2b359b877101e979ef0df7cbe8484627af4fcf3047e
DiCal-RED 4009 Missing Authentication
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides an FTP service on TCP port 21. This service allows anonymous access, i.e. logging in as the user "anonymous" with an arbitrary password. Anonymous users get read access to the whole file system of the device, including files that contain sensitive configuration information, such as /etc/deviceconfig. The respective process on the system runs as the system user "ftp". Therefore, a few files with restrictive permissions are not accessible via FTP.

tags | exploit, arbitrary, tcp
advisories | CVE-2024-36443
SHA-256 | 52bc52be64d4c2afda673bb45ef55a60f84844e255049be801b31a39b418fdfc
DiCal-RED 4009 Missing Authentication
Posted Aug 23, 2024
Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system's root user and does not require authentication.

tags | exploit, shell, root, tcp
advisories | CVE-2024-36445
SHA-256 | a6385e494be7b4b70dba302642602595baa5c71833106dcef5c061db726846b5
OX App Suite Cross Site Scripting / Denial Of Service
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev42 suffers from cross site scripting vulnerabilities. OX App Suite backend versions 7.10.6-rev61 and 8.22 suffer from a denial of service vulnerability.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2021-41184, CVE-2024-25582, CVE-2024-25710
SHA-256 | 6e2623da412af99e461937edfe417e674fe26af8c59f680b4bb1489413794ba8
OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev44 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2024-4367
SHA-256 | 1360b972ed80fc23c7c8b3b040403a512a3915dd0f5a8e6e9c5792c83a0e4c39
UFONet 1.9
Posted Aug 23, 2024
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Added the setup.py auto-installer and open redirect dorks. Fixed dorking engines, crypto lib, and threading. Cleaned community botnet + data. Modified and updated Web/GUI. Updated documentation. Updated website.
tags | tool, web, denial of service, spoof
systems | unix
SHA-256 | 9a945f44f885a1bb20d7bedc6e5a650484a28c881b547218ca5fdea560d9a2f3
Ubuntu Security Notice USN-6980-1
Posted Aug 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6980-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-12805, CVE-2018-16413, CVE-2018-18025
SHA-256 | 08057937c697df9e4ae1ea540f09cc14cb2024a0420d71bc2d5deaac6fa7cfe8
Ubuntu Security Notice USN-6978-1
Posted Aug 23, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6978-1 - It was discovered that XStream incorrectly handled parsing of certain crafted XML documents. A remote attacker could possibly use this issue to read arbitrary files. Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream.

tags | advisory, remote, arbitrary, shell, code execution
systems | linux, ubuntu
advisories | CVE-2016-3674, CVE-2020-26217, CVE-2020-26258, CVE-2020-26259, CVE-2021-21341, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21351
SHA-256 | 1afbcb0e189834043502262cef1e4fea8c4cb080deab88eb59b5f09c1040106a
PlantUML 1.2024.6 Cross Site Scripting
Posted Aug 23, 2024
Authored by Hosein Vita

PlantUML version 1.2024.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 28cd588466b21f30b2a0db0072c4c78aa0532c61f088d9cdb521bb89e9c81e26
Crime Complaints Reporting Management System 1.0 Shell Upload
Posted Aug 23, 2024
Authored by indoushka

Crime Complaints Reporting Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | fc348a37c6564d0229e29d8f398a77b43a6d58259762e3d0f95b78bc3b0f745d
Courier Management System 1.0 Cross Site Request Forgery
Posted Aug 23, 2024
Authored by indoushka

Courier Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 1337ec69e9d47fa0f4de53f21ec712c664700813dc53c6cc49f8a2320c9686f0
Company Visitor Management 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Company Visitor Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | a3ae790e1f332d8ff787915e2feb853d7c3e614aeaea67361861ea7d18bb27df
CMSsite 1.0 Shell Upload
Posted Aug 23, 2024
Authored by indoushka

CMSsite version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4e7a73c338e73423694e24acac9a56a1f1c42ad50f43ef66a924e0f30580b16c
Red Hat Security Advisory 2024-5446-03
Posted Aug 23, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5446-03 - Red Hat OpenShift Container Platform release 4.13.48 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-45290
SHA-256 | 09d6f66d3dc29d64808a60b7427ad8e21756b50a5b13261e7c980bf9fe8c8864
CMS RIMI 1.3 Cross Site Request Forgery / File Upload
Posted Aug 23, 2024
Authored by indoushka

CMS RIMI version 1.3 suffers from cross site request forgery and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, file upload, csrf
SHA-256 | dc50ee27904a926af74bf8f7250aab4eeedc989557ba1792b18fa14c73568744
Client Management System 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 25d183ad1ab808d8eb37c605403875c32f55a1eb9742ca2f0a1e77e0b7ce0951
CCMS Project 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

CCMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | de9151d5ff302677fb5da77053693b392b8644cb6845abb56a920fd62a7f579c
Biobook Social Networking Site 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Biobook Social Networking Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | fa0e4caf860abda8bbabc5103e38c78e393907f876e4a4b9d5dd3cb7513396cf
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close