Core Certified Exploits

Expert validated exploits for safe and effective pen tests

Exploit development can be an advanced penetration testing skill that takes time to master. Additionally, when on a job, pen testers often don’t have the resources to create a new exploit. Many resort to searching for and using pre-written exploits that have not been tested and must go through the timely effort of quality assurance testing in order to ensure they are secure and effective. 

Core Impact users can save time by finding all the up-to-date exploits they need in one place. We provide a robust library of exploits designed to enable pen testers to safely and efficiently conduct successful penetration tests. Whether written by our own internal team or by a third party like ExCraft, you can trust they have been thoroughly tested and validated by our experts.

Stay Informed of New Core Certified Exploits

Subscribe to receive regular email updates on new exploits available for Core Impact

 

Browse the Core Certified Exploit Library

We provide pen testers with real-time updates for a wide range of exploits for different platforms, operating systems, and applications. 

 

Search our continuously growing library to discover an exploit that will allow you to gain and retain access on the target host or application.

Title Description Date Added CVE Link Exploit Platform Exploit Type Product Name
IntegraXor 8.010010 Stable SCADA Remote Denial of Service 0day Remote Denial Of Service in IntegraXor SCADA
This exploit will leave the service unavailable.
Tested on IntegraXor SCADA version 8.0.1001.0 Build 8.0 Stable on Windows 2008 Server x64
Installation file: Ecava-IGX-SCADA-8.0.1001.0-32bit.msi
April 29, 2020 Windows Denial of Service / Remote SCADAPRO
QLogic SANsurfer Fibre Channel Directory Traversal This module exploits a directory traversal vulnerability in SANsurfer Fibre Channel April 29, 2020 Windows Exploits / Remote SCADA
PLC Wireless Router GPN2.4P21-C-CN Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in PLC Wireless Router GPN2.4P21-C-CN April 29, 2020 Windows Exploits / Remote SCADA
Open-AudIT m_devices.php Remote PHP File Upload Vulnerability Exploit The sub_resource_create function of class M_devices in m_devices.php of Open-AudIT 3.2.2 allows remote authenticated users to upload arbitrary PHP files, allowing the execution of arbitrary php code in the system. April 29, 2020 Windows, Linux Exploits / Remote File Inclusion / Known Vulnerabilities Impact
Microsoft Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability Exploit An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status and take control of an affected system. April 28, 2020 Windows Exploits / Local Impact
Duerr Dental Tyscor Pulse DoS PoC 0-Day This module causes a Denial of Service in Duerr Dental Tyscor Pulse. April 25, 2020 Windows Denial of Service / Remote MEDICAL
Softneta MedDream PACS Server Premium Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in Softneta MedDream April 25, 2020 Windows Exploits / Remote MEDICAL
Medtronic Valleylab Software Denial Of Service Vulnerability Remote Denial Of Service in Medtronic Valleylab April 25, 2020 Windows Denial of Service / Remote MEDICAL
iMedDoc Medical Software SQL backup download Vulnerability This module exploits a Information Disclosure vulnerability in iMedDoc April 25, 2020 Windows Exploits / Remote MEDICAL
Virtual Collaborative Environment DoS This module causes a Denial of Service in Virtual Collaborative Environment. April 25, 2020 Windows Denial of Service / Remote MEDICAL
MedITEX Scheduler FirebirdSQL Server Remote Unauthenticated Denial Of Service MediTEX Scheduler Firebird Exploit DoS/POC April 25, 2020 Windows Denial of Service / Remote MEDICAL
MaxSystems Inc MaxRegLib2 ctToolBar.ocx ActiveX Remote Arbitrary File Deletion Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
Lytec 2008 (Lytec 2014) Claims Manager Remote Arbitrary File Overwrite This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
MediSoft Claim Management Activex 0-Day Remote Arbitrary File Overwrite This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
VET-WEB 6.3.8 Information Disclosure Vulnerability This module exploits a Information Disclosure vulnerability in VET-WEB April 25, 2020 Windows Exploits / Remote MEDICAL
Cognex VisionView Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in Cognex VisionView April 25, 2020 Windows Exploits / Remote MEDICAL
Horos 2.1.0 DICOM Medical Image Viewer Remote Denial Of Service Remote Denial Horos DICOM Medical Image Viewer. HorosaC is an open-source, free medical image viewer. The goal of the Horos Project is
to develop a fully functional, 64-bit medical image viewer for OS X. Horos is based upon OsiriX
and other open source medical imaging libraries.

The vulnerability is caused due to the usage of vulnerable collection of libraries that
are part of DCMTK Toolkit, specifically the parser for the DICOM Upper Layer Protocol or DUL.
April 25, 2020 Windows Denial of Service / Remote MEDICAL
Fluke Biomedical Ansur TList7.ocx ActiveX Control Remote Code Execution Vulnerability This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
DentalEye (LTDICLib) Remote Arbitrary File Overwrite This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
Drager X-dock DxManager Remote Denial of Service Remote Denial Drager X-dock DxManager Software April 25, 2020 Windows Denial of Service / Remote MEDICAL
AxiFirebird Remote Denial Of Service Exploit RemoteThis exploit will leave the service unavailable. April 25, 2020 Windows Denial of Service / Remote MEDICAL
DentalEye (ActiveToolBars) Remote Arbitrary File Overwrite This module will receive HTTP requests from vulnerable clients and install agents on them. April 25, 2020 Exploits / Client Side MEDICAL
OpenMRS Denial Of Service Specially crafted POST request to TomCat http service cause DoS. Checked against OpenMRS version 2.3.1 on Windows 7 x64 sp1. April 25, 2020 Windows Denial of Service / Remote MEDICAL
Rubo DICOM Viewer 2.0 Buffer Overflow Exploit This module exploits a vulnerability in Rubo DICOM Viewer. April 25, 2020 Exploits / Client Side MEDICAL
Dicoogle PACS Directory Traversal Vulnerability This module exploits a directory traversal vulnerability in Dicoogle Picture Archiving and Communications System April 25, 2020 Windows Exploits / Remote MEDICAL