Latest Improvements Shipped to Core Impact 2017 R2

Our mission is to continuously provide you with a comprehensive, up-to-date penetration testing tool that meets the needs of the market. Today we are recapping the 23 total updates that have been shipped to Core Impact 2017 R2 since its release on August 14th, 2017. The team has been working hard on these improvements so that our users continue to get the maximum value from Core Impact.

  • 23 Updates overall
  • 11 Remote Exploits
  • 9 Client-Side exploits
  • 2 Local Exploits
  • Assorted Exploit Improvements

We have three major updates you can see in Core Impact:

  1. The “Apache Struts 2 REST Plugin XStream Exploit” is the one associated with the vulnerability that led to the Equifax breach.
  2. The “Microsoft NET Framework SOAP WSDL Parser Code Injection CVE-2017-8759” exploit is related to a Microsoft vulnerability that has been getting some media attention and was being actively exploited in the wild. We released the exploit to our customers just 2 days after Microsoft released the patch.
  3. The “Linux Kernel UFO Memory Corruption Privilege Escalation Exploit CVE-2017-1000112” is an early-release privilege escalation exploit.

Here is a complete list of published modules:

Remote Exploits:

  • ATutor AContent ims_import.php Zip File Upload Directory Traversal PHP Remote Code Execution Exploit
  • Schneider Electric U.motion Builder file_picker.php Directory Traversal Arbitrary File Upload Remote Code Execution Exploit
  • Apache Struts 2 REST Plugin XStream Exploit
  • OrientDB Remote Command Execution Exploit
  • Microsoft Windows LNK Shortcut Automatic File Execution Exploit (CVE-2017-8464)
  • Apache Struts 2 ActionMessage Remote Code Execution Exploit
  • CMS Made Simple editusertag.php Remote OS Command Injection Exploit
  • Hewlett Packard Enterprise IMC PLAT dbman Command Injection Exploit
  • MS17-010 Detector update
  • PCMan FTP Server USER Command Buffer Overflow Exploit Update
  • RAT Gh0st Controller Server Buffer Overflow Exploit

Client-Side Exploits:

  • Advantech WebAccess nvA1Media Caption Heap-based Buffer Overflow Remote Code Execution Exploit
  • Advantech WebOP Designer Project File Heap Buffer Overflow Remote Code Execution Exploit
  • Delta Industrial Automation WPLSoft File Parsing Buffer Overflow Exploit
  • Eaton ELCSoft EPC File Buffer Overflow Exploit
  • Fuji Electric Monitouch V-SFT Project File Buffer Overflow Exploit
  • Fuji Electric V Server VPR File Parsing Memory Corruption Exploit
  • Microsoft NET Framework SOAP WSDL Parser Code Injection CVE-2017-8759
  • Mitsubishi Electric E-Designer BEComliSlave Driver Configuration Status_bit Buffer Overflow Exploit
  • Nitro Pro PDF Reader Javascript API Remote Code Execution Exploit

Local Exploits:

  • Linux Kernel UFO Memory Corruption Privilege Escalation Exploit
  • NVIDIA DxgDdiEscape Handler Privilege Escalation Exploit

Maintenance:

  • Assorted Exploit Improvements

For more information on Core Impact, visit our product page or request a demo today!