[webapps] Spring Cloud Gateway 3.1.0 – Remote Code Execution (RCE)
Posted by deepcore under Security (No Respond)
Archive for March, 2022
[webapps] part-db 0.5.11 – Remote Code Execution (RCE)
Posted by deepcore under Security (No Respond)
[local] Malwarebytes 4.5 – Unquoted Service Path
Posted by deepcore under Security (No Respond)
https://atsamart.go.th
Posted by deepcore under defacement (No Respond)
https://atsamart.go.th notified by 1877
Tags: defacementhttp://www.yasothon.go.th/index.php
Posted by deepcore under defacement (No Respond)
http://www.yasothon.go.th/index.php notified by djebbaranon
Tags: defacementBackdoor.Win32.Augudor.a Remote File Write / Code Execution
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.Augudor.a malware suffers from an unauthenticated remote file write vulnerability that allows for remote code execution.
Backdoor.Win32.BNLite Buffer Overflow
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.BNLite malware suffers from a buffer overflow vulnerability.
Polkit pkexec Privilege Escalation
Posted by deepcore under exploit (No Respond)
This is a Metasploit module for the argument processing bug in the polkit pkexec binary that leads to privilege escalation. It leverages the raw C exploit.
Backdoor.Win32.FTP.Nuclear.10 Hardcoded Credential
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.FTP.Nuclear.10 malware suffers from a hardcoded credential vulnerability.
Backdoor.Win32.DirectConnection.103 Weak Hardcoded Password
Posted by deepcore under exploit (No Respond)
Backdoor.Win32.DirectConnection.103 malware suffers from a weak hardcoded password vulnerability.