[remote] Ruijie Reyee Mesh Router – Remote Code Execution (RCE) (Authenticated)
[remote] DLINK DIR850 – Insecure Access Control
[remote] SAP BusinessObjects Intelligence 4.3 – XML External Entity (XXE)
[local] TCQ – ITeCProteccioAppServer.exe – Unquoted Service Path
Printix 1.3.1106.0 Privileged API Abuse
An “Incorrect Use of a Privileged API” vulnerability in PrintixService.exe in Printix’s “Printix Secure Cloud Print Management” versions 1.3.1106.0 and below allows a local or remote attacker to change all HKEY Windows Registry values in the SYSTEM context via the UITasks.PersistentRegistryData parameter.
Ransom.Cryakl Code Execution
Cryakl ransomware looks for and loads a DLL named “wow64log.dll” in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the “InterlockedExchange” function or it fails with an error. We do […]
Ransom.Petya Code Execution
Petya ransomware looks for and loads a DLL named “wow64log.dll” in Windows\System32. Therefore, we can drop our own DLL to intercept and terminate the malware pre-encryption. The exploit DLL will simply display a Win32API message box and call exit(). The exploit DLL must export the “InterlockedExchange” function or it fails with an error. We do […]
Travel Management System 1.0 SQL Injection
Travel Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Bobby Cooke and hyd3sec in August of 2020.
School Dormitory Management 1.0 SQL Injection
School Dormitory Management version 1.0 suffers from a remote SQL injection vulnerability.