Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

| Title | Description | Vulnerability | Category | Platform |
| --- | --- | --- | --- | --- |
| Iolo System Shield AntiVirus and AntiSpyware Arbitrary Write Amp Local Privilege Escalation Exploit | In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability. | CVE-2018-5701 | Exploits/Local | Windows |
| Boxoft WAV to MP3 Converter Buffer Overflow Exploit | A Buffer Overflow exists when parsing .wav files. The vulnerability is caused by a boundary error when handling a crafted .wav file. | CVE-2015-7243 | Exploits/Client Side | Windows |
| ABB Panel Builder bemodbus Heap Overflow Exploit | ABB Panel Builder is prone to a Heap-Overflow when handling specially crafted .PBA files. | CVE-2018-10616 | Exploits/Client Side | Windows |
| Opsview Monitor testnotification Remote OS Command Injection Exploit | The Opsview Web Management console allows an authenticated administrator to test notifications that are triggered under certain configurable events. The 'value' parameter is not properly sanitized, leading to an arbitrary command injection executed on the system with nagios user privileges. | CVE-2018-16146 | Exploits/OS Command Injection/Known Vulnerabilities | Linux |
| Hewlett Packard Enterprise Intelligent Management Center tftpserver getFileData Exploit | The specific flaw exists within the handling of the m_pkg_LimitSize parameter provided to the tftpserver. | CVE-2018-10594 | Exploits/Remote | Windows |
| Oracle WebLogic Server RMI Registry UnicastRef Object Java Deserialization Remote Code Execution Exploit | Oracle WebLogic Server is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution. | CVE-2017-3248 | Exploits/Remote | Solaris, Windows, Linux |
| Eaton 9000XDrive TLF File Buffer Overflow Exploit | The specific flaw exists within the processing of a TLF file. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. | CVE-2018-8847 | Exploits/Client Side | Windows |
| Sophos SafeGuard Enterprise Arbitrary Write SGStDrvm Local Privilege Escalation Exploit | Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via multiple IOCTLs. | CVE-2018-6854 | Exploits/Local | Windows |
| SoftNAS Cloud OS Command Injection Exploit | SoftNAS Cloud is a software-defined NAS filer delivered as a virtual storage appliance that runs within public, private or hybrid clouds. SoftNAS Cloud provides enterprise-grade NAS capabilities, including encryption, snapshots, rapid rollbacks, and cross-zone high-availability with automatic failover. A command injection vulnerability was found in the web administration console. In particular, the snserv script did not sanitize some input parameters before executing a system command. | CVE-2018-14417 | | Linux |
| Wecon LeviStudioU Screenhelper BgOnOffBitAddr Buffer Overflow Exploit | The specific flaw exists within the handling of UMP files. When parsing the BgOnOffBitAddr element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. | CVE-2018-10602 | Exploits/Client Side | Windows |
| Wecon LeviStudioU Usermanage GroupList Description Buffer Overflow Exploit | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU UserManage. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the UserMgr.xml file. When parsing the GroupList Description element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of Administrator. | CVE-2018-10602 | Exploits/Client Side | Windows |
| Sophos SafeGuard Enterprise Arbitrary Write Value IOCTL 802022E0 Local Privilege Escalation Exploit | Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context. | CVE-2018-6857 | Exploits/Local | Windows |
| CMS Made Simple moduleinterface.php Remote PHP File Upload Vulnerability Exploit | CMS Made Simple allows remote authenticated administrators to execute arbitrary PHP code via file upload using admin/moduleinterface.php. | CVE-2018-1000094 | Exploits/Remote File Inclusion/Known Vulnerabilities | Windows, Linux |
| Oracle VirtualBox crUnpackTexGendv Buffer Overflow DoS | The specific flaw exists within the crUnpackTexGendv method. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to crash the VirtualBox process used to open the target. | CVE-2018-2688 | Denial of Service/Local | Windows, Linux |
| Tomabo MP4 Player Stack Overflow Exploit | A Stack Overflow exists when parsing .m3u files. The vulnerability is caused by a boundary error when handling a crafted .m3u file. | NOCVE-9999-110771 | Exploits/Client Side | Windows |
| Cisco UCS Manager ping OS Command Injection Exploit | Cisco UCS Manager contains an OS Command Injection vulnerability in the /settings/ping function, which allows unauthenticated attackers to gain arbitrary code execution on the affected system. | CVE-2017-12243 | Exploits/OS Command Injection/Known Vulnerabilities | Linux |
| NoMachine Nxfuse Uninitialised Stack Variable Privilege Escalation Exploit | An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine allows a local low privileged user to gain elevation of privileges. | CVE-2018-6947 | Exploits/Local | Windows |
| AMD PlaysTV Service Privilege Escalation Exploit | The plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local) path as SYSTEM when the execute_installer parameter is used in an HTTP message. | CVE-2018-6546 | Exploits/Local | Windows |
| Beckhoff TwinCAT Local Privilege Escalation Exploit | Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. | CVE-2018-7502 | Exploits/Local | Windows |
| QNAP Qcenter Virtual Appliance Remote OS Command Injection Exploit | QNAP Qcenter Virtual Appliance contains multiple vulnerabilities which allow authenticated attackers to gain arbitrary code execution on the affected system with root privileges. | CVE-2018-0706 | Exploits/OS Command Injection/Known Vulnerabilities | Linux |
| Acrobat Reader DC Double-Free Vulnerability Exploit | Adobe Reader has a built-in sandbox feature that usually makes exploitation difficult. By combining vulnerabilities, this attack achieves code execution and then bypasses the sandbox protection to fully compromise the targeted system. | CVE-2018-4990 | Exploits/Client Side | Windows |
| Apache CouchDB Remote OS Command Injection Exploit | Apache CouchDB contains an Authentication Bypass vulnerability and an OS Command Injection vulnerability, which allow attackers to gain arbitrary code execution on the affected system. | CVE-2017-12635 | Exploits/Authentication Weakness/Known Vulnerabilities | Linux |
| Zip-n-Go Buffer Overflow Exploit | A Buffer Overflow exists in Zip-n-Go 4.9 when parsing .ZIP files. The vulnerability is caused by a boundary error when handling a crafted .ZIP file. | NOCVE-9999-109691 | Exploits/Client Side | Windows |
| Delta Industrial Automation COMMGR Buffer Overflow Exploit | Delta Industrial COMMGR is prone to a buffer overflow when handling specially crafted packets. | CVE-2018-10594 | Exploits/Remote | Windows |
| Microsoft Internet Explorer VBScript UAF Exploit | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. | CVE-2018-8174 | Exploits/Client Side | Windows |
| MS17-010 support update 2 | Eternalromance targets were added to this module (Win 2000 to Win 2016). | CVE-2017-0143 | Exploits/Remote | Windows |
| Delta Industrial Automation WPLSoft File Parsing Buffer Overflow Exploit Update | The specific flaw exists within the processing of DVP files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. This update adds the CVE number and corrects some XML tags. | CVE-2018-7507 | Exploits/Client Side | Windows |
| Dup Scout Enterprise Import Command Local Buffer Overflow Exploit | A Buffer Overflow exists when parsing .XML files by Command Import. The vulnerability is caused by a boundary error when handling a crafted .XML file. | CVE-2017-7310 | Exploits/Client Side | Windows |
| Advantech WebAccess webvrpcs viewdll1 VdBroadWinGetLocalDataLogEx Buffer Overflow Exploit | The specific flaw exists within the implementation of the 0x13C80 IOCTL in the BwOpcTool subsystem in VdBroadWinGetLocalDataLogEx. When parsing the NamedObject structure, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. | CVE-2018-8845 | Exploits/Remote | Windows |
| PhpCollab editclient.php PHP File Upload Remote Code Execution Exploit | PhpCollab is vulnerable to an unauthenticated PHP remote file inclusion, allowing attackers to execute arbitrary PHP code in the system. | CVE-2017-6090 | Exploits/Remote File Inclusion/Known Vulnerabilities | Windows, Linux |