Core Certified Exploits

Expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective. 

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

 

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
Mozilla WebThings Authorized File Delete Mozilla WebThings Authorized File Delete June 29, 2020 Exploits / Remote IOT
Yealink VoIP Phone SIP-T38G Local File Inclusion Vulnerability Web interface contain a vulnerability that allow any page to be included.
We are able to disclose /etc/passwd and /etc/shadow
June 29, 2020 Windows Exploits / Remote IOT
DBPower C300 HD Camera Remote Configuration Disclosure DBPower C300 HD Camera Remote Configuration Disclosure June 29, 2020 Exploits / Client Side IOT
Microsoft .NET Framework Elevation of Privilege Vulnerability Exploit An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. June 23, 2020 Windows Exploits / Local Impact
Trident Z Lighting Control Driver Local Privilege Escalation Exploit The ene.sys driver in Trident Z Lighting Control before v1.00.17 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges. June 19, 2020 Windows Exploits / Local Impact
Advantech WebAccess SCADA DATACORE IOCTL 0x523e Buffer Overflow Exploit The specific flaw exists within DATACORE server. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator. June 18, 2020 Windows Exploits / Remote Impact
OpenAudit Remote Code Execution (CVE-2020-12078) An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. June 12, 2020 Windows, Linux Exploits / OS Command Injection / Known Vulnerabilities Impact
Artica Pandora FMS Events Remote OS Command Injection Exploit The target parameter in events.php in Pandora FMS 7.0NG 742, 743 and 744 allows remote authenticated users to execute arbitrary OS commands. June 10, 2020 Windows, Linux Exploits / OS Command Injection / Known Vulnerabilities Impact
Cisco AnyConnect Secure Mobility Client Uncontrolled Search Path Privilege Escalation Exploit A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. June 5, 2020 Windows Exploits / Local Impact
Eaton HMiSoft VU3 File Parsing Buffer Overflow Exploit The specific flaw exists within the parsing of wTextLen information within VU3 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. June 4, 2020 Windows Exploits / Client Side Impact
ATI Technologies Driver atillk64 Kernel Arbitrary Read Write Local Privilege Escalation Exploit AMD ATI atillk64 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages. June 2, 2020 Windows Exploits / Local Impact
JVSdicom Server Remote Denial Of Service Exploit RemoteThis exploit will leave the service unavailable. JVSdicom Server is an open source DICOM PACS server application that acts as a Storage Service SCP and as a Query/Retrieve Service SCP. The server is capable of accepting multiple associations simultaneously. The server administrators can configure it to contain several filesystem-based storage areas (with different AE Titles), as well as to limit access to these areas from a pre-defined AE network. Alternatively, the server features a public mode, which can be used to grant open access to the server. May 29, 2020 Windows Denial of Service / Remote MEDICAL
SpiderControl SCADA 6.51.00 Denial Of Service Exploit SpiderControl SCADA Editor Exploit DoS May 29, 2020 Windows Denial of Service / Remote SCADA
Quick N Easy Web Server 3.3.8 Denial of Service Remote Denial Of Service in Quick N Easy Web Server v 3.3.8 May 29, 2020 Windows Denial of Service / Remote SCADA
Cogent DataHub 9.0.x Denial of Service Remote Denial Of Service in Cogent DataHub 9.0.x May 29, 2020 Denial of Service / Remote SCADAPRO
Modbus SCADA ver 2.4.1 Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in Modbus SCADA Web Server May 29, 2020 Windows Exploits / Remote SCADAPRO
Advantech WebAccess SCADA DATACORE IOCTL 0x5227 Buffer Overflow Exploit

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability.



The specific flaw exists within the implementation of IOCTL 0x00005227 in DATACORE.exe. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.
May 28, 2020 Windows Exploits / Remote Impact
Microsoft Exchange Validation Key Remote OS Command Injection Exploit Update .NET deserialization vulnerability in the Microsoft Exchange Control Panel web page allows authenticated attackers to execute OS commands with SYSTEM privileges.

The lack of randomization in the validationKey and decryptionKey values at installation allows an attacker to create a crafted viewstate to execute OS commands via .NET deserialization.



This update adds payload generation error detection and dependencies documentation.
May 27, 2020 Windows Exploits / OS Command Injection / Known Vulnerabilities Impact
WECON LeviStudioU MulStatus szFilename Exploit Update The specific flaw exists within the handling of XML files. When parsing the szFilename attribute of the MulStatus element. This update adds CVE number. May 22, 2020 Windows Exploits / Client Side Impact
Liferay Portal JSONWS Java Deserialization Vulnerability Remote Code Execution Exploit Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). May 18, 2020 Windows, Linux Exploits / Remote Impact
Oracle Coherence T3 ReflectionExtractor Deserialization Vulnerability Remote Code Execution Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.17, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. May 15, 2020 Windows, Linux Exploits / Remote Impact
WECON LeviStudioU MulStatus szFilename Exploit The specific flaw exists within the handling of XML files. When parsing the szFilename attribute of the MulStatus element. May 11, 2020 Windows Exploits / Client Side Impact
Windows Search Indexer get_RootURL Race Condition Privilege Escalation Exploit A race condition exists in Windows Search Indexer, when the put_RootURL function wrote a user-controlled data in the memory of CSearchRoot+0x14.AT the same time, the get_RootURL function read the data located in the memory of CSearchRoot+0x14.



The vulnerability was caused by the access to a shared variable between two different methods of the same instance .
May 5, 2020 Windows Exploits / Local Impact
Fuji Electric V-Server Lite VPR File Parsing Overflow Exploit The specific flaw exists within the processing of VPR files. April 30, 2020 Windows Exploits / Client Side Impact
Pro-face Pro-Server PCRuntime Remote DoS Remote Denial Of Service in Pro-face Pro-Server EX. April 29, 2020 Windows Denial of Service / Remote SCADAPRO