>> ARCHIVE: 2021-06

Proof of concept exploit for a remote code execution vulnerability in Microsoft’s RDP service.

GetSimple CMS version 3.3.4 suffers from an information disclosure vulnerability.

Apache Airflow versions 1.10.10 and below suffer from a remote code execution vulnerability.

Intel Audio Service version 01.00.1080.0 suffers from an unquoted service path vulnerability.

Products.PluggableAuthService version 2.6.0 suffers from an open redirection vulnerability.

Backdoor.Win32.Delf.acz malware suffers from a buffer overflow vulnerability.

Seo Panel version 4.8.0 suffers from multiple cross site scripting vulnerabilities.

Thecus N4800Eco NAS server control panel suffers from a command injection vulnerability.

This Metasploit module exploits a SQL injection vulnerability in Cacti versions 1.2.12 and below. An admin can exploit the filter variable within color.php to pull arbitrary values as well as…