exploit the possibilities
Showing 1 - 25 of 1,841 RSS Feed

Operating System: Cisco

Cisco Common Service Platform Collector Hardcoded Credentials
Posted Mar 14, 2019
Authored by David Coomber

The Cisco Common Service Platform Collector versions 2.7.2 through 2.7.4.5 and all releases of 2.8.x prior to 2.8.1.2 contain hardcoded credentials.

tags | advisory
systems | cisco
advisories | CVE-2019-1723
MD5 | b839ff1288a335fb85a4e9618cd7250d
Cisco WebEx Meetings Privilege Escalation
Posted Feb 28, 2019
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. Cisco Webex Meetings Desktop App versions 33.6.4.15, 33.6.5.2, 33.7.0.694, 33.7.1.15, 33.7.2.24, 33.7.3.7, 33.8.0.779, 33.8.1.13, and 33.8.2.7 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2019-1674
MD5 | 61e40633787cc4e53f3c37f19e049211
Cisco ISE 2.4.0 XSS / Remote Code Execution
Posted Feb 5, 2019
Authored by Pedro Ribeiro, Dominik Czarnota | Site agileinfosec.co.uk

Cisco Identity Services Engine (ISE) version 2.4.0 suffers from cross site scripting, java deserialization, and in conjunction can lead to remote code execution. Full exploit provided.

tags | exploit, java, remote, code execution, xss
systems | cisco
advisories | CVE-2017-5641, CVE-2018-15440
MD5 | fa717428076a044b9b2d005670cbabd5
Cisco RV300 / RV320 Information Disclosure
Posted Jan 29, 2019
Authored by Harom Ramos

Cisco RV300 and RV320 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
systems | cisco
advisories | CVE-2019-1653
MD5 | 3e274f9cd5167fe2dc1dc9d26e45b852
Cisco Firepower Management Center 6.2.2.2 / 6.2.3 XSS
Posted Jan 29, 2019
Authored by Bhushan B. Patil

Cisco Firepower Management Center versions 6.2.2.2 and 6.2.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2019-1642
MD5 | 019ced418d636f308a58ed2de11f2ff1
Cisco RV320 Command Injection
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Versions 1.4.2.15 through 1.4.2.19 are affected. Fixed in version 1.4.2.20.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1652
MD5 | cafb4ced2f3eab94923ea85bcfb23157
Cisco RV320 Unauthenticated Diagnostic Data Retrieval
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device's web interface. Versions affected include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
MD5 | 91a2e5f5865089a09b9294c78db4dd79
Cisco RV320 Unauthenticated Configuration Export
Posted Jan 24, 2019
Site redteam-pentesting.de

RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17.

tags | exploit, web
systems | cisco
advisories | CVE-2019-1653
MD5 | 26f91421f6edf594c084d8cc00f2287e
Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality
Posted Jan 10, 2019
Authored by W. Schober | Site sec-consult.com

Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2018-0461
MD5 | 58d3ffb956311c84e54d85560df06007
Cisco RV110W Password Disclosure / Command Execution
Posted Dec 14, 2018
Authored by RySh

Cisco RV110W suffers from password disclosure and command execution vulnerabilities.

tags | exploit, vulnerability, info disclosure
systems | cisco
advisories | CVE-2014-0683, CVE-2015-6396
MD5 | eed52ea76fb024c920ddc2cbd7084851
Cisco WebEx Meetings Privilege Escalation
Posted Nov 28, 2018
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior to 33.6.4 and Cisco Webex Productivity Tools releases 32.6.0 and later prior to 33.0.6.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15442
MD5 | e0df0d3b74fa1ecc2091d30eb9104327
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Nov 13, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 2c9170145359581c4c8d1c13f564bce3
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15437
MD5 | 7a4ff17f412569211f6751de8fc14501
Cisco WebEx Meetings Server XML Injection
Posted Nov 5, 2018
Authored by Alphan Yavas

Cisco WebEx Meetings Server suffers from an XML external entity injection vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2018-18895
MD5 | 152a45418f4705a70acc44ed4c1917c1
iOS copyin Check Kernel Stack Memory Disclosure
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.

tags | advisory, kernel
systems | cisco, ios
advisories | CVE-2018-4363
MD5 | dabae5d2d2f7dfbc02093d00e56e96e6
Cisco Prime Infrastructure Remote Code Execution / Privilege Escalation
Posted Oct 9, 2018
Authored by Pedro Ribeiro

Full write up on the unauthenticated remote code execution and privilege escalation vulnerability in Cisco Prime Infrastructure.

tags | advisory, remote, code execution
systems | cisco
advisories | CVE-2018-15379
MD5 | 463b73ab6b4dc341e0abdb15816e4711
Apple Security Advisory 2018-10-08-1
Posted Oct 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-08-1 - iOS 12.0.1 is now available and addresses lock screen issues.

tags | advisory
systems | cisco, apple, ios
advisories | CVE-2018-4379, CVE-2018-4380
MD5 | 7973fb64f647f02a30d5b632ad7521b0
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Oct 8, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 05f34986eb4c21ba7fbb27faa2f9bc8f
Apple Security Advisory 2018-9-24-4
Posted Sep 25, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2016-1777, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4305, CVE-2018-4306, CVE-2018-4307, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4313, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4321, CVE-2018-4322, CVE-2018-4323, CVE-2018-4325, CVE-2018-4328, CVE-2018-4329, CVE-2018-4333, CVE-2018-4335, CVE-2018-4336, CVE-2018-4338, CVE-2018-4344
MD5 | be61103916d6a6155c475e643895c9b9
Apple Security Advisory 2018-9-17-1
Posted Sep 17, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2016-1777, CVE-2018-4305, CVE-2018-4307, CVE-2018-4313, CVE-2018-4322, CVE-2018-4325, CVE-2018-4329, CVE-2018-4330, CVE-2018-4335, CVE-2018-4338, CVE-2018-4352, CVE-2018-4356, CVE-2018-4362, CVE-2018-4363, CVE-2018-5383
MD5 | 94c7b08f05542c1e82ef6e458f60b472
Cisco Umbrella Roaming Client 2.0.168 Privilege Escalation
Posted Sep 6, 2018
Authored by ParagonSec

Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2018-0437, CVE-2018-0438
MD5 | 077c7382cf0843a8338f4cafa0c01262
Cisco AnyConnect Secure Mobility Client 4.6.01099 Denial Of Service
Posted Aug 30, 2018
Authored by Luis Martinez

Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
MD5 | 5ed808e3cadb933dedf1473553a3dc6e
Cisco Network Assistant 6.3.3 Denial Of Service
Posted Aug 28, 2018
Authored by Luis Martinez

Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
MD5 | 375bcf577cae1bcc14c321a3df4e319b
Linkedin iOS 9.11.8592.4 CPU Resource Exhaustion
Posted Aug 2, 2018
Authored by Juan Sacco

Linkedin mobile iOS application version 9.11.8592.4 suffers from a CPU resource exhaustion vulnerability.

tags | exploit, denial of service
systems | cisco, ios
MD5 | 548e38902cc5abaceaeb0c3f8618bdd6
Cisco Adaptive Security Appliance Path Traversal
Posted Jul 23, 2018
Authored by Angelo Ruwantha, Yassine Aboukir | Site metasploit.com

This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.

tags | exploit
systems | cisco
advisories | CVE-2018-0296
MD5 | bea90e46bf066fcc060cb43fe700e2fe
Page 1 of 74
Back12345Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close