Oracle WebLogic Server is prone to a remote vulnerability that allows attackers to take advantage of a Java deserialization vulnerability. By exploiting known methods, the module establishes a remote connection to the RMI Registry and loads a UnicastRef Object. This manipulation allows for the execution of system commands, enabling remote code execution on the targeted host. The bypass technique involves changing the RMI interface type to java.rmi.activation.Activator.

This module exploits a path traversal vulnerability present in the accountID parameter of the doPost method of com.ilient.server.UserEntry class to deploy an agent. The vulnerability is used to upload a WAR file inside a subdirectory of the web server's root directory to deploy an agent. The deployed agent will run with the same privileges than the SysAid webapp.

This module exploits a path traversal vulnerability present in the accountID parameter of the doPost method of com.ilient.server.UserEntry class to deploy an agent. The vulnerability is used to upload a WAR file inside a subdirectory of the web server's root directory to deploy an agent. The deployed agent will run with the same privileges than the SysAid webapp.

This module exploits an elevation of privilege vulnerability exists due to the MS KS Server kernel module allow accessing memory out of bounds. The vulnerability could allows an attacker to run code with elevated privileges.

This module uses an improper authorization vulnerability in Atlassian Confluence to replace the database contents and create a new admin user in the target system. The created admin account is then used to upload a Servlet plugin JAR file to deploy an agent. The deployed agent will run with the same privileges than the Confluence instance.

This module exploits an AJP request smuggling vulnerability present in the Traffic Management User Interface (TMUI) of F5 BIG-IP to deploy an agent. The deployed agent will run with root privileges.

This module exploits an AJP request smuggling vulnerability present in the Traffic Management User Interface (TMUI) of F5 BIG-IP to deploy an agent. The deployed agent will run with root privileges.

This module exploits a Java deserialization vulnerability via Openwire protocol by sending a crafted payload as a throwable class type. The deployed agent will run with the same user account privileges as the Apache ActiveMQ application.

This module uses broken access control vulnerability via SafeParametersInterceptor class in Atlassian Confluence to create a new admin user in the target system using the provided credentials. If no credentials are provided, it will generate a random one. This admin account is then used to upload a Servlet plugin JAR file to deploy an agent. The deployed agent will run with the same privileges than the Confluence instance.

The mskssrv.sys driver before 10.0.22621.1 exposes functionality that allows low-privileged users to read and write arbitrary memory via specially crafted IOCTL requests and elevate system privileges.