Subscribe via feed.
Archive for August, 2022

Win32.Ransom.BlueSky MVID-2022-0632 Code Execution

Posted by deepcore under exploit (No Respond)

The BlueSky Win32.Ransom.BlueSky ransomware looks for and executes arbitrary DLLs in its current working directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our own process ID and terminate. All basic […]

Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation

Posted by deepcore under exploit (No Respond)

On Windows, when registered to use a public key for computer authentication, the certificate is stored in a user accessible registry key leading to elevation of privilege.

Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation

Posted by deepcore under exploit (No Respond)

On Windows, when registered to use a public key for computer authentication, the certificate is stored in a user accessible registry key leading to elevation of privilege.

Readymade Job Portal Script SQL Injection

Posted by deepcore under exploit (No Respond)

Readymade Job Portal Script suffers from a remote SQL injection vulnerability. The researcher requested version information from the vendor while reporting the vulnerability but the company has been unresponsive.

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload

Posted by deepcore under exploit (No Respond)

Gas Agency Management 2022 suffers from cross site scripting, remote SQL injection, and remote shell upload vulnerabilities.

Windows sxs!CNodeFactory::XMLParser_Element_doc_assembly_assemblyIdentity Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges.

Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges.

Windows sxssrv!BaseSrvActivationContextCacheDuplicateUnicodeString Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

A heap buffer overflow issue exists in Windows 11 and earlier versions. A malicious application may be able to execute arbitrary code with SYSTEM privileges.

Intelbras ATA 200 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Intelbras ATA 200 with firmware version 74.19.10.21 suffers from a persistent cross site scripting vulnerability.

Fiberhome AN5506-02-B Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.