what you don't know can hurt you
Showing 1 - 25 of 1,898 RSS Feed

Operating System: Cisco

Cisco ASA / FTD 9.6.4.42 Path Traversal
Posted Oct 11, 2020
Authored by 3ndG4me

Cisco ASA and FTD version 9.6.4.42 suffer from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2020-3452
MD5 | 48f25de33c55a08e792d3ab4713f7f58
Cisco AnyConnect Privilege Escalation
Posted Sep 30, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to 4.9.00086 is vulnerable to a DLL hijacking and allows local attackers to execute code on the affected machine with with system level privileges. Both attacks consist in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service.

tags | exploit, arbitrary, local, tcp
systems | cisco, windows
advisories | CVE-2020-3153, CVE-2020-3433
MD5 | 6dab51a6758b6569e7dba4af74f482ed
Cisco 7937G Denial Of Service
Posted Aug 10, 2020
Authored by Cody Martin

Two denial of service exploits for Cisco 7937G versions SIP-1-4-5-7 and below.

tags | exploit, denial of service
systems | cisco
advisories | CVE-2020-16138, CVE-2020-16139
MD5 | 5534c1f0e1f875aee45b3734baba6fdb
Cisco 7937G Privilege Escalation
Posted Aug 10, 2020
Authored by Cody Martin

Cisco 7947G versions SIP-1-4-5-7 and below privilege escalation exploit.

tags | exploit
systems | cisco
advisories | CVE-2020-16137
MD5 | 50b203b494ce1d079936d6dbb4a3f309
Cisco 7937G All-In-One Exploiter
Posted Aug 10, 2020
Authored by Cody Martin

This exploit is an all-in-one tool that leverages vulnerabilities described in CVE-2020-16139, CVE-2020-16138, and CVE-2020-16137 against Cisco 7937G devices versions SIP-1-4-5-7 and below.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2020-16137, CVE-2020-16138, CVE-2020-16139
MD5 | 9eb60ef20d0f3abf883446a0c58b2d27
Hydra Network Logon Cracker 9.1
Posted Jul 29, 2020
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Enabled gcc 10 support for xhydra. Fixed crash in MD5 auth for rtsp. New module for smb2 which also supports smb3. Various other updates.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 7a2f54980ce44aff0cc047fb75751dba
Cisco Adaptive Security Appliance Software 9.7 Arbitrary File Deletion
Posted Jul 29, 2020
Authored by 0xmmnbassel

Cisco Adaptive Security Appliance Software version 9.7 unauthenticated arbitrary file deletion exploit.

tags | exploit, arbitrary
systems | cisco
advisories | CVE-2020-3187
MD5 | 2053bb9eac204ac9b709cb174adc0f1d
Cisco ASA / FTD Remote File Disclosure
Posted Jul 29, 2020
Authored by MrCl0wn Lab | Site github.com

This Python script checks whether the target server is vulnerable to CVE-2020-3452, a vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) products that can allow for remote file disclosure.

tags | exploit, remote, python
systems | cisco
advisories | CVE-2020-3452
MD5 | ce6d90fc11286f40ae29b48e9bcc545d
Cisco AnyConnect Path Traversal / Privilege Escalation
Posted Jun 25, 2020
Authored by Yorick Koster, Christophe de la Fuente, Antoine Goichot | Site metasploit.com

The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 is vulnerable to path traversal and allows local attackers to create/overwrite files in arbitrary locations with system level privileges. The attack consists in sending a specially crafted IPC request to the TCP port 62522 on the loopback device, which is exposed by the Cisco AnyConnect Secure Mobility Agent service. This service will then launch the vulnerable installer component (vpndownloader), which copies itself to an arbitrary location before being executed with system privileges. Since vpndownloader is also vulnerable to DLL hijacking, a specially crafted DLL (dbghelp.dll) is created at the same location vpndownloader will be copied to get code execution with system privileges. This exploit has been successfully tested against Cisco AnyConnect Secure Mobility Client versions 4.5.04029, 4.5.05030 and 4.7.04056 on Windows 10 version 1909 (x64) and Windows 7 SP1 (x86).

tags | exploit, arbitrary, x86, local, tcp, code execution
systems | cisco, windows, 7
advisories | CVE-2020-3153
MD5 | 0ce466f922be78b19e5b1169c13ef711
Cisco UCS Director Cloupia Script Remote Code Execution
Posted Jun 5, 2020
Authored by mr_me, wvu | Site metasploit.com

This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director versions prior to 6.7.4.0 to leak the administrator's REST API key and execute a Cloupia script containing an arbitrary root command. Note that the primary functionality of this module is to leverage the Cloupia script interpreter to execute code. This functionality is part of the application's intended operation and considered a "foreverday." The authentication bypass and directory traversals only get us there. If you already have an API key, you may set it in the API_KEY option. The LEAK_FILE option may be set if you wish to leak the API key from a different absolute path, but normally this isn't advisable. Tested on Cisco's VMware distribution of 6.7.3.0.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2020-3243, CVE-2020-3250
MD5 | a3283617421910d08a845659be600c53
Cisco Digital Network Architecture Center 1.3.1.4 Cross Site Scripting
Posted May 12, 2020
Authored by Dylan Garnaud, Benoit Malaboeuf

Cisco Digital Network Architecture Center version 1.3.1.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2019-15253
MD5 | feb8e9e65a6290bd7cb40a92790b9e16
Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation
Posted Apr 21, 2020
Authored by Yorick Koster, Securify B.V.

Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names.

tags | exploit
systems | cisco, windows
advisories | CVE-2020-3153
MD5 | e5a3959bc7c5608c73bf90960397d443
Cisco IP Phone 11.7 Denial Of Service
Posted Apr 17, 2020
Authored by Jacob Baines

Cisco IP Phone version 11.7 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | cisco
advisories | CVE-2020-3161
MD5 | 9ae93c7c36b4741bda68dc135166ed33
Cisco Unified Contact Center Express Privilege Escalation
Posted Feb 25, 2020
Authored by Jamie R

Cisco Unified Contact Center Express suffers from a privilege escalation vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2019-1888
MD5 | 614b86f032bbc9466892166a5a1742b9
Cisco Data Center Network Manager 11.2.1 Command Injection
Posted Feb 6, 2020
Authored by mr_me

Cisco Data Center Network Manager version 11.2.1 remote command injection exploit.

tags | exploit, remote
systems | cisco
advisories | CVE-2019-15977, CVE-2019-15978
MD5 | f78d9a450e8dddba0757fc613e10da7a
Cisco Data Center Network Manager 11.2.1 SQL Injection
Posted Feb 6, 2020
Authored by mr_me

Cisco Data Center Network Manager version 11.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | cisco
advisories | CVE-2019-15976, CVE-2019-15984
MD5 | e52727f67ec73f54a1870891d9e11891
Cisco Data Center Network Manager 11.2 Remote Code Execution
Posted Feb 6, 2020
Authored by mr_me

Cisco Data Center Network Manager version 11.2 remote code execution exploit.

tags | exploit, remote, code execution
systems | cisco
advisories | CVE-2019-15975
MD5 | ebfd0aee7d0a59ad770e679268463c0e
Cisco Discovery Protocol (CDP) Remote Device Takeover
Posted Feb 5, 2020
Authored by Barak Hadad, Yuval Sarel, Ben Seri | Site armis.com

Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices.

tags | advisory, remote, vulnerability, protocol
systems | cisco
advisories | CVE-2020-3110, CVE-2020-3111, CVE-2020-3118, CVE-2020-3119, CVE-2020-3120
MD5 | 7757dbb411e6c03282748d0e682b3406
Debian Security Advisory 4607-1
Posted Jan 20, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4607-1 - Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server (after having accepted its identity certificate), can provide bogus chunk lengths for chunked HTTP encoding and cause a heap-based buffer overflow.

tags | advisory, web, overflow
systems | cisco, linux, debian
advisories | CVE-2019-16239
MD5 | 6cbb058b70a03ea1bda3ffe2cb05aeaa
Cisco DCNM JBoss 10.4 Credential Leakage
Posted Jan 8, 2020
Authored by Harrison Neal

Cisco DCNM JBoss version 10.4 suffers from a credential leakage vulnerability.

tags | exploit, info disclosure
systems | cisco
advisories | CVE-2019-15999
MD5 | f2b2bc3ee27fbddf61de2d091386e2bd
Cisco WLC 2504 8.9 Denial Of Service
Posted Dec 4, 2019
Authored by SecuNinja

Cisco WLC 2504 version 8.9 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
advisories | CVE-2019-15276
MD5 | 9215aa968b49d3b98e32f665f3d9a9ea
Debian Security Advisory 4535-1
Posted Sep 29, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4535-1 - Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | cisco, linux, debian
advisories | CVE-2019-5094
MD5 | 43e0fb16ab09b3a1d1e9431d5401b18a
Generic Zip Slip Traversal
Posted Sep 12, 2019
Authored by sinn3r, Snyk | Site metasploit.com

This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive extraction libraries have no mitigations against directory traversal attacks. If an application uses it, there is a risk when opening an archive that is maliciously modified, and results in the embedded payload to be written to an arbitrary location (such as a web root), and results in remote code execution.

tags | exploit, remote, web, arbitrary, root, code execution
systems | cisco
MD5 | ff948c64df1f6f021439eaa12e78eb94
Cisco Content Security Virtual Appliance M380 IronPort Remote Cross Site Host Modification
Posted Sep 9, 2019
Authored by Todor Donev

Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit.

tags | exploit, remote
systems | cisco
MD5 | a98fd2e94251ea2edc1d831fe438607d
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
Posted Sep 4, 2019
Authored by T. Weber | Site sec-consult.com

Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2014-4043, CVE-2014-9402, CVE-2014-9761, CVE-2014-9984, CVE-2015-1472, CVE-2015-5277, CVE-2015-7547, CVE-2015-8778, CVE-2015-8779, CVE-2015-9261, CVE-2016-2147, CVE-2016-2148, CVE-2016-6301, CVE-2017-1000366, CVE-2017-16544, CVE-2018-20679, CVE-2019-5747
MD5 | c446ad84eeb90a116264677ada159562
Page 1 of 76
Back12345Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close