Core Impact Security and Penetration Testing Updates

Core Impact Threat Intelligence Exploits, Security and Penetration Testing Updates

We provide real-time updates including new penetration testing exploits and tests for additional platforms as they become available. We advise you of any new modules by email, after which you can download them directly from within Core Impact. All product updates are free during the license period. You're always on the cutting edge of vulnerability and threat intelligence because Core Impact keeps you there.

Fill out the form to sign up for email updates

Use the controls below to navigate Core Impact exploits and other modules.

Title Description Vulnerabilty Category Platform
Advantech WebAccess Webvrpcs ViewDll1 Buffer Overflow Exploit The specific flaw exists within implementation of the 0x138bd IOCTL in the webvrpcs process. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. CVE-2018-7499 Exploits/Remote Windows
DVD X Player Standard Buffer Overflow Exploit A Buffer Overflow exists in DVD X Player Standard when parsing .plf files. The vulnerability is caused due to a boundary error when handling a crafted .plf files. CVE-2018-9128 Exploits/Client Side Windows
Microsoft Windows Win32k SetImeinfoEx Privilege Escalation Exploit An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2018-8120 Exploits/Local Windows
DiskBoss Enterprise Buffer Overflow Exploit DiskBoss is prone to a buffer-overflow when handling specially crafted packets. No authentication is required. CVE-2018-5262 Exploits/Remote Windows
Speculative Store Bypass Checker (CVE-2018-3639) Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CVE-2018-3639 Exploits/Tools Linux
Dell EMC Data Protection Advisor Remote OS Command Injection Exploit Dell EMC Data Protection Advisor contains an Authentication Bypass vulnerability and a OS Command Injection vulnerability, which allows attackers to gain arbitrary code execution on the affected system. CVE-2017-10955 Exploits/Authentication Weakness/Known Vulnerabilities Windows
Tp-link EAP Controller Exploit Tp-link EAP Controller does not handle privilege management correctly so a non privileged user can execute privileged actions. This module will try to change the device's settings and enable ssh in order to take control of the managed Access Points. CVE-2018-10168 Exploits/Authentication Weakness/Known Vulnerabilities Windows, Linux
Rockwell Automation RSLogix Micro Starter Lite Project File Exploit The specific flaw exists within the parsing of a RSS file. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a fixed-length buffer. CVE-2016-5814 Exploits/Client Side Windows
Easy File Sharing Web Server POST Request Buffer Overflow Exploit Easy File Sharing Web Server is prone to a buffer-overflow when handling a specially crafted POST request. NOCVE-9999-108129 Exploits/Remote Windows
OMRON CX-One CX-FLnet Cdmapi32 Buffer Overflow Exploit The specific flaw exists within the processing of FLN files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. CVE-2018-8834 Exploits/Client Side Windows
OMRON CX-One CX-Programmer Buffer Overflow Exploit The specific flaw exists within the processing of CXP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. CVE-2018-7514 Exploits/Client Side Windows
DiskBoss Enterprise Remote Buffer Overflow Exploit DiskBoss Enterprise server is prone to a remote buffer-overflow vulnerability. NOCVE-9999-105410 Exploits/Remote Windows
Disk Pulse Enterprise GET Buffer Overflow Exploit Disk Pulse server is prone to a buffer-overflow vulnerability when handling a crafted POST request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM priviledges. CVE-2017-15663 Exploits/Remote Windows
Disk Savvy Enterprise Buffer Overflow Exploit This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. CVE-2018-6481 Exploits/Remote Windows
Drupal Form API Ajax Requests Remote OS Command Injection Exploit Drupal is prone to an OS command injection vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the Form API Ajax Requests. CVE-2018-7600 Exploits/OS Command Injection/Known Vulnerabilities Linux
VX Search Command Name Buffer Overflow Exploit VX Search Enterprise is prone to a buffer-overflow vulnerability when handling a crafted request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges. NOCVE-9999-106404 Exploits/Remote Windows
ALLPlayer M3U Buffer Overflow Exploit A UNICODE Buffer Overflow exists in AllPlayer 7.5 when parsing .m3u files. The vulnerability is caused due to a boundary error when handling a crafted .m3u files. CVE-2013-7409 Exploits/Client Side Windows
HPE Operations Orchestration Central Java Deserialization Vulnerability Remote Code Execution Exploit A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely. CVE-2017-8994 Exploits/OS Command Injection/Known Vulnerabilities Windows
Omron CX-Supervisor Project File Exploit Omron CX-Supervisor is prone to a buffer overflow when handling specially crafted project files. CVE-2018-7513 Exploits/Client Side Windows
Microsoft Office Equation Editor Memory Corruption Exploit (CVE-2018-0802) Update The vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory. CVE-2018-0802 Exploits/Client Side Windows
Microsoft Office Memory Corruption Exploit (CVE-2017-11826) Update A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. CVE-2017-11826 Exploits/Client Side Windows
MalwareFox AntiMalware Privilege Escalation Exploit An issue was discovered in MalwareFox AntiMalware. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges. CVE-2018-6606 Exploits/Local Windows
ASX to MP3 converter ASX Buffer Overflow Exploit A Buffer Overflow exist in ASX to MP3 when parsing .ASX files. The vulnerability is caused due to a boundary error when handling a crafted .ASX files. CVE-2017-15083 Exploits/Client Side Windows
Kingsoft Internet Security Local Privilege Escalation Exploit This vulnerability allows local attackers to escalate privileges on vulnerable installations of Kingsoft Internet Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaws exists within the processing of IOCTL 0x80030004 or 0x80030008 by the KWatch3.sys (internet security) kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. CVE-2017-14606 Exploits/Local Windows
IBM Informix Open Admin Tool SOAP welcomeServer PHP Remote Code Execution Exploit IBM Informix Open Admin Tool is vulnerable to an unauthenticated php remote code execution, allowing attackers to execute arbitrary php code in the system. CVE-2017-1092 Exploits/Remote Code Execution Linux
Sync Breeze Enterprise Import Command Buffer Overflow Exploit A Buffer Overflow exists in Sync Breeze Enterprise 10.4.18 when parsing .XML files by Command Import. The vulnerability is caused due to a boundary error when handling a crafted .XML files. CVE-2017-7310 Exploits/Client Side Windows
Symantec Messaging Gateway performRestore OS Command Injection Exploit Symantec Messaging Gateway is prone to an Authentication Bypass vulnerability that allows attackers to take advantage of an improper validation of user-supplied data in the RestoreAction.performRestore method. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. CVE-2017-6327 Exploits/OS Command Injection/Known Vulnerabilities Linux
Meltdown Checker Update (CVE-2017-5154) This module performs a local check in order to detect if the target is vulnerable to CVE 2017-5154 (aka Meltdown). This update adds Windows support. CVE-2017-5754 Exploits/Tools Windows, Linux
Linux Kernel Dirty COW Race Condition Privilege Escalation Exploit Update This module exploits a race condition vulnerability in the Linux Kernel via MAP_PRIVATE COW. The bug relies in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. This update improves the post-escalation execution. CVE-2016-5195 Exploits/Local Linux
Spectre Checker (CVE-2017-5153) Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre CVE-2017-5153 Exploits/Tools Windows, Linux