Core Certified Exploits

Expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective. 

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

 

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
TP-Link TL-WA855RE Device Reset Auth Bypass vulnerability TP-Link TL-WA855RE V5_200415 Device Reset Auth Bypass vulnerability May 9, 2021 Exploits / Client Side IOT
Windows Win32k xxxClientAllocWindowClassExtraBytes Privilege Escalation Exploit Update This vulnerability is caused by xxxClientAllocWindowClassExtraBytes callback in win32kfull!xxxCreateWindowEx. The callback causes the setting of a kernel struct member and its corresponding flag to be out of sync.

This Update adds support for Windows 10 2004 and 20H2
May 7, 2021 Windows Exploits / Local Impact
VMware vCenter Server uploadova TAR Directory Traversal Remote Code Execution Exploit Unauthenticated file upload vulnerability via uploadova plugin in VMware vCenter Server to upload and extract a TAR file.

The TAR file contains a path traversal that allows writing files at arbitraries locations.
May 3, 2021 Windows, Linux Exploits / Remote Impact
Microsoft Windows Print Spooler Service Arbitrary File Write Elevation of Privilege Vulnerability Exploit An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. April 27, 2021 Windows Exploits / Local Impact
Windows Win32k xxxClientAllocWindowClassExtraBytes Privilege Escalation Exploit This vulnerability is caused by xxxClientAllocWindowClassExtraBytes callback in win32kfull!xxxCreateWindowEx. The callback causes the setting of a kernel struct member and its corresponding flag to be out of sync. April 19, 2021 Windows Exploits / Local Impact
Sudo Setcmnd Heap Buffer Overflow Local Privilege Escalation Exploit Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

April 15, 2021 Linux Exploits / Local Impact
Microsoft Windows DNS Server SIGRed Remote Code Execution Exploit A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability. April 6, 2021 Windows Exploits / Remote Impact
SmartPTT Arbitrary File Upload SmartPTT Arbitrary File Upload April 6, 2021 Exploits / Remote SCADAPRO
Beckhoff TwinCAT 3x EventConfigurator Remote Code Execution Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. April 6, 2021 Exploits / Client Side SCADAPRO
SmartPTT Session Keys Disclosure SmartPTT Information Disclosure April 6, 2021 Exploits / Remote SCADAPRO
ADLINK AD-Logger V1.20 Remote Code Execution Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. April 6, 2021 Exploits / Client Side SCADAPRO
ioBroker 1.5.14 Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in ioBroker April 6, 2021 Windows Exploits / Remote SCADA
ADwin software package CD 6.00.28.03 Remote File Create Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. April 6, 2021 Exploits / Client Side SCADA
Beckhoff CP-Link 3 1.7.31.0 CplGfxClient Denial of Service Remote Denial Beckhoff CP-Link 3 1.7.31.0 April 6, 2021 Windows Denial of Service / Remote SCADA
WebHMI_XSS WebHMI 4.0.7348 suffers from persistent cross site scripting vulnerability.
It is located on the page for creating a new connection.
An attacker with administrator rights can create a new connection and specify an xss injection in the name field.
XSS injection will be triggered on the 'host/setup/registers/list.php' page
April 6, 2021 Exploits / Cross Site Scripting SCADA
Digitus DN-16048 Camera Remote Configuration Disclosure Digitus DN-16048 Camera Remote Configuration Disclosure April 6, 2021 Exploits / Client Side IOT
Y-Cam IP Cameras Denial of service Denial of service Y-Cam IP Cameras Exploit April 6, 2021 Windows Denial of Service / Remote IOT
Comba AC2400 Wi-Fi Access Controller Password Disclosure Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesnt require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login information is stored in cleartext. April 6, 2021 Exploits / Client Side IOT
ZTE C520V21 smart camera Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in ZTE C520V21 smart IP camera April 6, 2021 Windows Exploits / Remote IOT
Dell KACE Systems Management Appliance (K1000) Unauthenticated RCE The KACE Systems Management Appliance (SMA) helps you accomplish these goals by automating complex administrative tasks and modernizing your unified endpoint management approach. This makes it possible for you to inventory all hardware and software, patch mission-critical applications and OS, reduce the risk of breach, and assure software license compliance. So youre able to reduce systems management complexity and safeguard your vulnerable endpoints. April 6, 2021 Exploits / Remote IOT
D-Link ADSL ROUTER DSL-2730U Password Disclosure D-Link ADSL ROUTER DSL-2730U Password Disclosure April 6, 2021 Exploits / Client Side IOT
F5 BIG-IP iControl REST API Remote Code Execution Exploit This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise. The BIG-IP system in Appliance mode is also vulnerable March 30, 2021 Linux Exploits / OS Command Injection / Known Vulnerabilities Impact
Microsoft Exchange Proxylogon Remote Code Execution Vulnerability Exploit A combination of a server-side request forgery vulnerability and an arbitrary file write vulnerability, allows unauthenticated attackers to execute commands with SYSTEM privileges in Microsoft Exchange Server. March 26, 2021 Windows Exploits / Remote Code Execution Impact
Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Exploit Update The specific flaw exists within the user-mode printer driver host process splwow64.exe. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges from low integrity and execute code in the context of the current user at medium integrity.



This update improves the reliability and adds support for more patch levels.
March 19, 2021 Windows Exploits / Local Impact
Point of View SCADA/HMI software Remote Code Execution Vulnerability This module will listen for HTTP requests from vulnerable clients and queue client side exploits as HTTP responses in an attempt to install an OS agent on the client. March 8, 2021 Exploits / Client Side SCADAPRO