A vulnerability in the SetupCompleted class allows to unauthenticated remote code attackers to execute system commands. The deployed agent will run with SYSTEM privileges.
This module exploits an OS command injection vulnerability present in the ChangePasswordAction function.
This module exploits an OS command injection vulnerability present in the ChangePasswordAction function.
This module crashes the MSMQ service by sending a malformed UserMessage packet which triggers an integer overflow vulnerability.
The Common Log File System Driver (clfs.sys) present in Microsoft Windows is vulnerable to a memory corruption vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by creating a specially crafted BLF file.
This module exploits the unauthenticated endpoint of the Backup Service in Veeam Backup and Replication. The deployed agent will run with the privileges of the "SQL Server" process (NT AUTHORITY\\SYSTEM).
This module exploits an information disclosure vulnerability (CVE-2022-31711), a remote file download vulnerability (CVE-2022-31704), and a directory traversal vulnerability (CVE-2022-31706) in VMware vRealize Log Insight to deploy an agent with root privileges. The vulnerability is exploited via Apache Thrift RPC protocol. The deployed agent will run with the root account privileges.
A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device.
The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary memory overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver.
A vulnerability in the library Apache Santuario SAML SSO (Single Sign-On) method used by Zoho ManageEngine products allows to unauthenticated remote code attackers to execute system commands. This modules uses a specially crafted SAML against Zoho ManageEngine ServiceDesk Plus to execute system commands to deploy an agent. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.