2022 May

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape

Posted by deepcore under exploit (No Respond)

Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.

F5 BIG-IP 16.0.x Remote Code Execution

Posted by deepcore under exploit (No Respond)

F5 BIG-IP version 16.0.x remote code execution exploit.

Royal Event Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Royal Event Management System version 1.0 suffers from a remote SQL injection vulnerability.

Ransom.REvil MVID-2022-0596 Code Execution

Posted by deepcore under exploit (No Respond)

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. We do not need to rely on […]

TLR-2005KSH Arbitrary File Delete

Posted by deepcore under exploit (No Respond)

TLR-2005KSH suffers from an arbitrary file deletion vulnerability.

College Management System 1.0 SQL Injection

Posted by deepcore under exploit (No Respond)

College Management System version 1.0 suffers from a remote SQL injection vulnerability.

AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free

Posted by deepcore under exploit (No Respond)

AppleVideoDecoder suffers from an out-of-bounds free vulnerability. The attached video file contains a malformed HEVC Decoder Configuration Record that leads to an out-of-bounds free in CreateHeaderBuffer. When copying the VPS, PPS and SPS, the destination pointer is incremented, and if the copied data is larger than the length specified in the input file, it breaks […]

F5 BIG-IP iControl Remote Code Execution

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.

Ransom.REvil MVID-2022-0595 Code Execution

Posted by deepcore under exploit (No Respond)

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. We do not need to rely on […]

Ransom.REvil MVID-2022-0597 Code Execution

Posted by deepcore under exploit (No Respond)

REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. We do not need to rely on […]

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape

F5 BIG-IP 16.0.x Remote Code Execution

Royal Event Management System 1.0 SQL Injection

Ransom.REvil MVID-2022-0596 Code Execution

TLR-2005KSH Arbitrary File Delete

College Management System 1.0 SQL Injection

AppleVideoDecoder CreateHeaderBuffer Out-Of-Bounds Free

F5 BIG-IP iControl Remote Code Execution

Ransom.REvil MVID-2022-0595 Code Execution

Ransom.REvil MVID-2022-0597 Code Execution

Tabs Switcher

Categories

Archives

Meta

BLOGROLL