Core Certified Exploits

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Subscribe to receive regular updates by email:

 

Browse All Exploits

 

 

Title Description CVE Link Exploit Platform Exploit Type
SAP Netweaver Message Server _MsJ2EE_AddStatistics Memory Corruption Exploit The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST. This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server. Windows Exploits/Remote
Savant Web Server Remote Buffer Overflow Exploit A remote buffer-overflow vulnerability affects Savant Web Server. This issue occurs because the application fails to validate the length of user-supplied strings before copying them into finite process buffers. Windows Exploits/Remote
SCADA Engine BACnet OPC Client Buffer Overflow Exploit SCADA Engine BACnet OPC Client is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data, when handling crafted .CSV files. Windows Exploits/Client Side
ScadaTEC ModbusTagServer ZIP Buffer Overflow Exploit ScadaTEC ModbusTagServe has a buffer overflow when handling a project file bundled in a zip. Windows Exploits/Client Side
ScadaTEC ScadaPhone ZIP Buffer Overflow Exploit ScadaTEC ScadaPhone has a buffer overflow when handling a project file bundled in a zip. Windows Exploits/Client Side
Schneider Electric Accutech Manager Heap Overflow Exploit This module exploits a heap overflow vulnerability in the Schneider Electric Accutech Manager Server by sending a malformed packet to the 2537/TCP port to execute arbitrary code or crash the server. Windows Exploits/Remote
Schneider Electric Interactive Graphical SCADA System Buffer Overflow Exploit This Stack-based buffer overflow exploits a vulnerability in Schneider Electric's Interactive Graphical SCADA System (IGSS) that allows remote attackers to execute arbitrary code by sending a specially crafted packet to TCP port-12397. Windows Exploits/Remote
Schneider Electric Multiple Products DTM libraries Buffer Overflow Exploit The vulnerability exists within the isObjectModel ActiveX control's RemoveParameter property in Schneider Electric DTM libraries. Windows Exploits/Client Side
Schneider Electric OFS Client Buffer Overflow Exploit When a crafted configuration file is parsed by the client, it may cause a buffer overflow allowing the configuration file execute code on the target PC. Windows Exploits/Client Side
Schneider Electric ProClima MetaDraw ObjLinks Property Exploit The MetaDraw ActiveX control's ObjLinks property can be assigned an attacker-supplied memory address and the control will redirect execution flow to this given memory address. This update add some Av Evasion capabilities Windows Exploits/Client Side
Schneider Electric Serial Modbus Driver Buffer Overflow Exploit The vulnerability is a buffer overflow in Schneider Electric OPC factory Suite which bundle the vulnerable component Schneider Electric Modbus Serial Driver (ModbusDrv.exe). Windows Exploits/Remote
Schneider Electric SoMachine HVAC AxEditGrid ActiveX Exploit The specific flaw exists within the SetDataIntf method of the AxEditGrid control. The control has an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address. Windows Exploits/Client Side
Schneider Electric U.motion Builder file_picker.php Directory Traversal Arbitrary File Upload Remote Code Execution Exploit This module exploits a directory traversal arbitrary file upload in Schneider Electric U.Motion Builder to install an agent. Exploits/Remote File Inclusion/Known Vulnerabilities
Schneider Electric VAMPSET ASCII Argument Heap Overflow Exploit The vulnerability in VAMPSET is caused by opening crafted VAMPSET disturbance recording files with log ASCII argument. This produce a heap overflow vulnerability when this info is copied to a fixed sized buffer in the heap. Windows Exploits/Client Side
Schneider Electric VAMPSET Channel List Buffer Overflow Exploit The stack overflow vulnerability in VAMPSET is caused by opening crafted VAMPSET disturbance recording files and using Channel List window. The program blindly copies the info of the file without checking the size of this info, overflowing the buffer. Windows Exploits/Client Side
SDP Downloader ASX Buffer Overflow Exploit SDP Downloader contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in SDP Downloader when handling crafted .ASX files. Windows Exploits/Client Side
Serenity Audio Player Buffer Overflow Exploit Serenity Audio Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in Serenity Audio Player when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file. Windows Exploits/Client Side
Serv-U Web Client HTTP Request Remote Buffer Overflow Exploit This module exploits a stack overflow in Serv-U Web Client by sending a specially crafted POST request. Windows Exploits/Remote
Serva TFTPD Service Large Read Requests Parsing DoS The Serva32 TFTPD service is vulnerable to a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes. Windows Denial of Service/Remote
Serva32 HTTP Server GET command DoS Serva32 is prone to a denial of service vulnerability when handling malformed GET commands. Windows Denial of Service/Remote
Shadow Stream Recorder Buffer Overflow Exploit Shadow Stream Recorder is prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input. Windows Exploits/Client Side
SIDVault LDAP Server Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the LDAP service (sidvault.exe) of the SIDVault LDAP application. The exploit triggers a stack-based buffer overflow by sending a specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful. Windows Exploits/Remote
SIELCO SISTEMI Winlog Malformed Packet Stack Buffer Overflow Exploit Stack-based buffer overflow in Sielco Sistemi Winlog when Run TCP/IP server is enabled, allows remote attackers to execute arbitrary code via a crafted 0x02 opcode to TCP port 46823. Windows Exploits/Remote
Siemens SIMATIC WinCC SCADA RegReader ActiveX Buffer Overflow Exploit An unspecified error in the RegReader ActiveX control can be exploited to cause a buffer overflow. Windows Exploits/Client Side
SIEMENS Solid Edge SEListCtrlX ActiveX Memory Write Exploit Siemens Solid Edge SEListCtrlX ActiveX control is prone to an arbitrary memory write vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Windows Exploits/Client Side