Core Certified Exploits

Expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective. 

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

 

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure Vulnerability HiIpcam V100R003 Configuration Download Remotely. June 29, 2020 Exploits / Client Side IOT
SIEMENS IP-Camera CVMS2025-IR CCMS2025 Credentials Disclosure Vulnerability SIEMENS IP-Camera CVMS2025-IR - CCMS2025 Information Disclosure vulnerability June 29, 2020 Exploits / Client Side IOT
D-Link DIR605L Denial of Service Remote Denial Of Service in D-Link DIR605L router June 29, 2020 Windows Denial of Service / Remote IOT
Accelrys BIOVIA ActiveX Control Remote File Overwrite Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. June 29, 2020 Exploits / Client Side MEDICAL
Vonage VDV-23 Denial of Service This module exploits a vulnerability in Vonage VDV-23. June 29, 2020 Windows Exploits / Remote IOT
D-Link DNS-325 ShareCenter Command Injection (reboot) OS command execution vulneralbility in the photocenter_mgr.cgi file in Dlink DNS-325 ShareCenter firmware versions up to 1.05B03 June 29, 2020 Exploits / Remote IOT
Netgear DGN1000 Unauthenticated Remote Code Execution (Reboot) OS command execution vulneralbility in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models June 29, 2020 Exploits / Remote IOT
Cisco RV130W 1.0.3.44 Denial Of Service D-Link DIR8xx routers - credential disclosure vulnerability June 29, 2020 Exploits / Client Side IOT
Foscam ip camera IPCWebComponents ActiveX Control Remote DoS Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. June 29, 2020 Exploits / Client Side IOT
Miele Professional PG 8528 Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in embeded webserver PST10 June 29, 2020 Windows Exploits / Remote IOT
Yealink VoIP Phone SIP-T38G Local File Inclusion Vulnerability Web interface contain a vulnerability that allow any page to be included.
We are able to disclose /etc/passwd and /etc/shadow
June 29, 2020 Windows Exploits / Remote IOT
Linksys Smart WiFi routers Password hash disclosure Password hash disclosure in Linksys Smart WiFi routers June 29, 2020 Exploits / Remote IOT
HiSilicon hi3520d and similar system Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in HiSilicon hi3520d June 29, 2020 Windows Exploits / Remote IOT
AXIS M1125 Network Camera Remote Command Execution OS command execution vulneralbility in the app_license.shtml?app=ORWELLLABS file in AXIS M1125 firmware versions up to 6.35.2.3 June 29, 2020 Exploits / Remote IOT
D-Link DIR850L credential disclosure vulnerability This module exploits a Information Disclosure vulnerability in D-Link DIR850L June 29, 2020 Windows Exploits / Remote IOT
OpenScada Command Execution OpenScada 0.9.1 Authorized Command Execution June 29, 2020 Linux Exploits / Remote SCADAPRO
MajorDoMo 1.2.0b Command Injection MajorDoMo 1.2.0b Command Injection June 29, 2020 Exploits / Remote Code Execution SCADAPRO
WebLog Expert Web Server Enterprise Denial of Service Denial of service vulnerability present in the web server. Vulnerability is very simple to trigger by sending special crafted GET request June 29, 2020 Windows Denial of Service / Remote IOT
V-SOL GPON/EPON OLT Platform 2.03 Configuration Download Vulnerability V-SOL GPON/EPON OLT Platform 2.03 Configuration Download Remotely. June 29, 2020 Exploits / Client Side IOT
MegaPixel ip web camera Credential Disclosure Vulnerability MegaPixel ip web camera Credential Disclosure vulnerability June 29, 2020 Exploits / Client Side IOT
Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure June 29, 2020 Exploits / Client Side IOT
SEGGER embOS/IP FTP Server Denial of Service Remote SEGGER embOS/IP FTP Server 3.22 allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command. June 29, 2020 Windows Denial of Service / Remote IOT
Honeywell IP-Camera HICC-1100PT Password Disclosure Vulnerability Honeywell IP-Camera (HICC-1100PT) allows to unauthenticated user disclose the username and password remotely. June 29, 2020 Exploits / Client Side IOT
DBPower C300 HD Camera Remote Configuration Disclosure DBPower C300 HD Camera Remote Configuration Disclosure June 29, 2020 Exploits / Client Side IOT
Aptina AR0130 960P 1.3MP Camera Remote Configuration Disclosure Aptina AR0130 960P 1.3MP Camera Remote Configuration Disclosure June 29, 2020 Exploits / Client Side IOT