Impact | Core Security

An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.

This module uses NTLM reflection to achieve a SYSTEM handle for elevation of privilege.

This module can be used to perform a privilege escalation using a misconfiguration on the Object Authorities of a User profile.

CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.

This module exploits an Arbitrary File Deletion performed by an unprivileged user in any protected folder. Before deleting the file, this module backups the file in the user temp folder

A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem.

This module exploits a deserialization vulnerability present in Microsoft.Exchange.Data.SerializationTypeConverter class when converting powershell remoting objects. This module bypasses the IIS URL Rewrite rules given by Microsoft. This is achieved by not using the autodiscover path confusion (CVE-2022-41040). The deployed agent will run with the SYSTEM privileges.

The LenovoDiagnosticsDriver.sys driver in the HardwareScanPlugin of Lenovo Vantage before 1.3.0.5 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

Subscribe to Impact

Privacy Policy

Cookie Policy

Terms of Service

Accessibility

Impressum