Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Fill out the form to sign up for email updates

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Categorysort descending Platform
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2014-0094 Exploits/Remote Linux
CloudMe Sync Buffer Overflow Exploit Unauthenticated remote attackers that can connect to the "CloudMe Sync" client application listening on port 8888, can send a malicious payload causing a Buffer Overflow condition. This will result in an attacker controlling the programs execution flow and allowing arbitrary code execution on the victims PC. CVE-2018-6892 Exploits/Remote Windows
Bifrost Server Buffer Overflow Exploit Bifrost Server is prone to a buffer overflow vulnerability which can be exploited remotely by sending a specially crafted packet to port TCP/81. NOCVE-9999-58713 Exploits/Remote Windows
MSRPC MSMQ Buffer Overflow exploit update This package updates the MSRPC MSMQ Buffer Overflow exploit module. CVE-2005-0059 Exploits/Remote Windows
CoDeSys SCADA Webserver Buffer Overflow Exploit webserver.exe is a component in 3S CoDeSys for handling the HTTP connections on port 8080. The process is affected by a buffer overflow that copies the input URI in a limited buffer allowing code execution. NOCVE-9999-50546 Exploits/Remote Windows
CA BrightStor Tape Engine buffer overflow exploit This module exploits a buffer overflow in CA Brightstor Tape Engine in BrightStor ARCserve Backup v11.5 CVE-2007-0168 Exploits/Remote Windows
7T Interactive Graphical SCADA System IGSSdataServer Remote Buffer Overflow Exploit Update This module exploits a remote stack-based buffer overflow in IGSSdataServer by sending a malformed packet to the 12401/TCP port. This version add CVE. CVE-2011-1567 Exploits/Remote Windows
MSRPC Server Service Remote Buffer Overflow Exploit (MS08-067) This module exploits a vulnerability in the Microsoft Server service sending a specially crafted RPC request. WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation. CVE-2008-4250 Exploits/Remote Windows
Advantech WebAccess SCADA BwPAlarm Buffer Overflow Exploit Advantech WebAccess SCADA lack of proper validation of user supplied input may allow an attacker to cause the overflow of a buffer overflow and executes remote code. CVE-2018-18999 Exploits/Remote Windows
Apache Struts ClassLoader Manipulation Remote Code Execution Exploit Update This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine. This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms. CVE-2014-0094 Exploits/Remote Windows, Linux
LANDesk Lenovo ThinkManagement Console Remote Command Execution Exploit This module exploits a file upload vulnerability in the LANDesk Lenovo ThinkManagement Console. Unrestricted file upload in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request. CVE-2012-1195 Exploits/Remote Windows
PowerFolder Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit PowerFolder Server is prone to a remote vulnerability that allows attackers to take advantage of a deserialization vulnerability present in the commons-collections Java library. NOCVE-9999-80668 Exploits/Remote Windows, Linux
freeSSHd SSH Server Authentication Bypass Remote Code Execution Exploit Update V2 This update modifies the application version displayed in Quick Information. CVE-2012-6066 Exploits/Remote Windows
Novell ZENworks Asset Management Path Traversal Exploit This module exploits a path traversal vulnerability in Novell ZENworks Asset Management. The flaw exists within the rtrlet component. This process listens on TCP port 8080. When handling an unauthenticated file upload the process does not properly sanitize the path. Directory traversal can be used to drop a file in an arbitrary location and a null byte inserted into the filename to provide arbitrary extension. CVE-2011-2653 Exploits/Remote Windows
Imatix Xitami If-Modified-Since Remote Buffer Overflow Exploit This module exploits a remote stack buffer overflow in the Xitami Server version 2.5c CVE-2007-5067 Exploits/Remote Windows
Jenkins commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit Update Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. This update adds proper CVE number, support for Jenkins with HTTPS enabled, and DNS channel support. It also extends on the supported platforms, improves IPv6 functionality and removes redundant code. CVE-2015-8103 Exploits/Remote Windows, Linux
IBM Lotus Domino IMAP Server Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in a Lotus Domino IMAP Server and installs an agent if successful. This vulnerability can be exploited remotely and it does not require user authentication. CVE-2007-1675 Exploits/Remote Windows, AIX
MSRPC SRVSVC NetrpPathCanonicalize Exploit (MS06-040) Update 3 This update improves reliability when it's launched against Windows XP SP1 platforms. This module exploits a remotely exploitable vulnerability in Windows' Server Service (MS06-040) over Microsoft DCERPC (ports 139 and 445). CVE-2006-3439 Exploits/Remote Windows
HP System Management Homepage ginkgosnmp.inc Command Injection Exploit The ginkgosnmp.inc PHP script in HP System Management Homepage is vulnerable to OS command injection. This vulnerability allows remote authenticated attackers to execute arbitrary code on the affected machine with SYSTEM privileges. CVE-2013-3576 Exploits/Remote Windows
Samba Username Map Script Command Injection Exploit The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the SamrChangePassword function, when the "username map script" smb.conf option is enabled. CVE-2007-2447 Exploits/Remote Linux
IBM Lotus Domino BMP parsing Buffer Overflow Exploit Update IBM Domino is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing BMP images. By sending a specially-crafted bitmap image, a remote attacker could overflow a buffer and execute arbitrary code on the system or make the application crash. This version adds support for several Windows versions. CVE-2015-1903 Exploits/Remote Windows
AzeoTech DAQFactory NETB Datagram Parsing Buffer Overflow Exploit A Buffer Overflow exist in DAQFactory service who listens on the UDP port 20034 when logs the informations of the incoming NETB packets. CVE-2011-3492 Exploits/Remote Windows
Microsoft SQL Server sp_replwritetovarbin Remote Heap Overflow Exploit This module exploits a heap-based buffer overflow in the Microsoft SQL Server by sending a specially crafted SQL query. It has two uses: One as a Remote Exploit which needs authentication, and another as an SQL Injection Agent installer module, which needs an SQL Agent as a target. CVE-2008-5416 Exploits/Remote Windows
MSRPC Trend Micro Server Protect buffer overflow exploit Update 2 This update improves the reliability of the exploit. CVE-2007-2508 Exploits/Remote Windows
HP OpenView NNM ovalarm CGI Remote Buffer Overflow Exploit This module exploits a buffer overflow vulnerability in the ovalarm.exe application, part of the HP OpenView Network Node Manager application. The exploit triggers a stack-based buffer overflow by sending a specially crafted HTTP request to the ports 3443/TCP or 80/TCP of the vulnerable system and installs an agent if successful. CVE-2009-4179 Exploits/Remote Windows
Novell Messenger Server Exploit This module sends a http request at nmma.exe service producing a buffer overflow and installs an agent. CVE-2006-0992 Exploits/Remote Windows
Trend Micro OfficeScan Buffer Overflow Exploit The vulnerability is caused due to a boundary error within Trend Micro OfficeScan Corporate Edition when processing passwords with cgiChkMasterPwd.exe vulnerable module. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to this module. CVE-2008-1365 Exploits/Remote Windows
DATAC RealWin Packet Processing Buffer Overflow Exploit DATAC RealWin is prone to a buffer overflow vulnerability. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/912. CVE-2010-4142 Exploits/Remote Windows
Lepide Auditor Suite createdb Web Console Database Injection Remote Code Execution Vulnerability Exploit The application allows an attacker to specify a server to perform authentication. That server also allows to execute controlled SQL directly against the database. This module abuses of the previous vulnerabilities in order execute an agent as SYSTEM. NOCVE-9999-96866 Exploits/Remote Windows
Reprise License Manager edit_lf_process Write Arbitrary Files Exploit Update 4 The specific flaw exists within the edit_lf_process resource of the Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update specify information about vulnerable targets and add more targets. NOCVE-9999-74481 Exploits/Remote Windows