Subscribe via feed.
Archive for May, 2022

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.

F5 BIG-IP 16.0.x Remote Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore F5 BIG-IP version 16.0.x remote code execution exploit.

Royal Event Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore Royal Event Management System version 1.0 suffers from a remote SQL injection vulnerability.

Ransom.REvil MVID-2022-0596 Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and […]

TLR-2005KSH Arbitrary File Delete

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore TLR-2005KSH suffers from an arbitrary file deletion vulnerability.

College Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore College Management System version 1.0 suffers from a remote SQL injection vulnerability.

AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free in CreateHeaderBuffer. When copying the VPS, PPS and SPS, the destination pointer is incremented, and if the copied data is larger than the […]

F5 BIG-IP iControl Remote Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.

Ransom.REvil MVID-2022-0595 Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and […]

Ransom.REvil MVID-2022-0597 Code Execution

Posted by deepcore under exploit (No Respond)

Last Updated on May 13, 2022 by deepcore REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and […]