This module exploits an authentication bypass vulnerability present in iControl REST of F5 BIG-IP. The deployed agent will run with root privileges.

This module exploits an authentication bypass vulnerability present in iControl REST of F5 BIG-IP. The deployed agent will run with root privileges.

This module uses an unsafe data binding used to populate an object from request parameters to set a Tomcat specific ClassLoader in Spring MVC and Spring WebFlux applications in order to upload and execute a JSP file in the Tomcat virtual file system webapps directory.

This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the same privileges than the user account that ran Solr Server. This exploit will fail if the target system has jdk8u191 or newer.

This module uses an authenticated JNDI injection vulnerability via JndiBindingHandle class in Oracle Weblogic Server to upload and execute a java class file to gain arbitrary code execution on the affected system.

This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and self IP addresses, to execute arbitrary system commands, create or delete files, and disable services. This vulnerability can only be exploited through the control plane and cannot be exploited through the data plane. Exploitation can lead to complete system compromise. The BIG-IP system in Appliance mode is also vulnerable.

Apache Unomi allows conditions to use OGNL and MVEL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process.

This module exploits a OS Command Injection via ASP.NET markup vulnerability present in the WikiContentWebpart Web Part of Microsoft SharePoint Server to deploy an agent. The deployed agent will run with the SharePoint Server service account privileges.

This module exploits a deserialization vulnerability present in WebParts object via TypeConverters of Microsoft SharePoint Server to deploy an agent. The deployed agent will run with the SharePoint Server service account privileges.

This module exploits a deserialization vulnerability present in the DataSet object of Microsoft SharePoint Server to deploy an agent. The deployed agent will run with the SharePoint Server service account privileges.