>> CATEGORY: exploit

Watchguard’s Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.

Mantis Bug Tracker versions 1.3.0 and 2.3.0 suffer from a pre-authentication remote password reset vulnerability.

Linux Kernel version 4.8.0 with udev version 232 suffers from a privilege escalation vulnerability.

Scriptler Jenkins version 2.9 suffers from a cross site scripting vulnerability.

This is a very large archive (500 MB) of all exploits, implants, and more from the Equation Group that has been leaked by the Shadow Brokers as of 04/14/2017. Consider…

EASYBEE is an exploit for the MDaemon private email server. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised…

EASYPI is a Lotus exploit that leverage CC. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from…

ECLIPSEDWING exploits the SMB vulnerability patched by MS08-67. It affects Microsoft Windows 2000, 2003, and XP. Note that this exploit is part of the recent public disclosure from the “Shadow…

EDUCATEDSCHOLAR exploits the SMB vulnerability patched by MS09-050. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have compromised data from…

EMERALDTHREAD exploits an SMB vulnerability in Microsoft Windows 2003 and XP. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who claim to have…