deepcore - :: Deepquest ::

>> QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation

USER: deepcore // 2020-04-22 // 0 CMT

QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks including server-side…

[EXPLOIT]

>> QRadar Community Edition 7.3.1.6 Authorization Bypass

USER: deepcore // 2020-04-22 // 0 CMT

QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.

[EXPLOIT]

>> QRadar Community Edition 7.3.1.6 Path Traversal

USER: deepcore // 2020-04-22 // 0 CMT

QRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens (UUIDs)….

[EXPLOIT]

>> Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation

USER: deepcore // 2020-04-22 // 0 CMT

Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names.