Core Certified Exploits

Expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective. 

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

 

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
Appear TV XC5000 and XC5100 devices Directory Traversal This module exploits a directory traversal vulnerability in Appear TV devices June 29, 2020 CVE-2018-7539 Windows Exploits / Remote IOT
Mozilla WebThings Authorized File Delete Mozilla WebThings Authorized File Delete June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote IOT
SEGGER embOS/IP FTP Server Denial of Service Remote SEGGER embOS/IP FTP Server 3.22 allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command. June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Denial of Service / Remote IOT
Netgear DGN1000 Unauthenticated Remote Code Execution (Reboot) OS command execution vulneralbility in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote IOT
D-Link DIR850L credential disclosure vulnerability This module exploits a Information Disclosure vulnerability in D-Link DIR850L June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
TrendNet TEW-751DR, TEW-752DRU, TEW733GR routers Information Disclosure TrendNet TEW-751DR, TEW-752DRU, TEW733GR routers credential disclosure vulnerability June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
DBPower C300 HD Camera Remote Configuration Disclosure DBPower C300 HD Camera Remote Configuration Disclosure June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
Netgear DGN2200 DGND3700 Admin Password Disclosure Vulnerability This module exploits a Information Disclosure vulnerability in Netgear DGN2200 DGND3700 June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
ZTE ZXHN H108N Information Disclosure Vulnerability ZTE ZXHN H108N Information Disclosure vulnerability June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
MajorDoMo DB Backup Disclosure MajorDoMo 1.2.0b DB Backup Disclosure June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote File Disclosure SCADA
Cisco RV300 RV320 Information Disclosure Cisco RV300 and RV320 suffer from an information disclosure vulnerability. June 29, 2020 CVE-2019-1653 Exploits / Client Side IOT
Honeywell IP-Camera HICC-1100PT Password Disclosure Vulnerability Honeywell IP-Camera (HICC-1100PT) allows to unauthenticated user disclose the username and password remotely. June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
Belkin N600DB Wireless Router Remote Command Injection (reboot) Belkin N600DB Wireless Router hardware version: F9K1102as v3, firmware version: 3.04.11 unauthenticated remote command execution June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote IOT
Easy Internet Sharing Proxy Server SEH Buffer Overflow This module exploits a buffer overflow and installs an agent into the target host. June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
Mozilla WebThings Authorized Remote Code Execution Mozilla WebThings 0.10.0 Remote Code Execution June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote Code Execution IOT
Vonage VDV-23 Denial of Service This module exploits a vulnerability in Vonage VDV-23. June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
D-Link DNS-325 ShareCenter Command Injection (reboot) OS command execution vulneralbility in the photocenter_mgr.cgi file in Dlink DNS-325 ShareCenter firmware versions up to 1.05B03 June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Remote IOT
D-Link DIR8xx routers credential disclosure vulnerability D-Link DIR8xx routers - credential disclosure vulnerability June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
D-Link DIR-859 Unauthenticated Information Disclosure D-Link DIR-859 Unauthenticated Information Disclosure June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Exploits / Client Side IOT
Miele Professional PG 8528 Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in embeded webserver PST10 June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
VelotiSmart WiFi B-380 Camera Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in FVelotiSmart Camera June 29, 2020 CVE 2018-14064 Windows Exploits / Remote IOT
HiSilicon hi3520d and similar system Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in HiSilicon hi3520d June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
Cisco RV130W 1.0.3.44 Denial Of Service D-Link DIR8xx routers - credential disclosure vulnerability June 29, 2020 CVE-2019-1663 Exploits / Client Side IOT
FLIR AX8 Thermal Camera Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in FLIR AX8 Thermal Camera June 29, 2020 https://cve.mitre.org/cgi-bin/cvename.cgi?name= Windows Exploits / Remote IOT
Aptina AR0130 960P 1.3MP Camera Remote Configuration Disclosure Aptina AR0130 960P 1.3MP Camera Remote Configuration Disclosure June 29, 2020 CVE-2019-20213 Exploits / Client Side IOT