Eaton HMISoft is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .VU3 document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a deserialization vulnerability present in the BrowserNavigationCorrector class of Microsoft SQL Server Reporting Services to deploy an agent. The deployed agent will run with the Report Server service account privileges.
This module exploits a deserialization vulnerability in the Microsoft Exchange Control Panel. The lack of randomization in the validationKey and decryptionKey values allows an attacker to create a crafted viewstate to execute OS commands an deploy an agent. The deployed agent will run with SYSTEM privileges.
This module exploits an OS command injection vulnerability in Kinetica. The lack of sanitisation for the input of the getLogs function could be exploited to allow an authenticated attacker to run remote code on the underlying operating system an deploy an agent.
This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory. The deployed agent will run with SYSTEM or ROOT privileges.
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
This module crashes the target machine producing a blue screen by sending a specially crafted SMB packet
Integard Pro is prone to a buffer-overflow vulnerability when handling a crafted POST packet.
Citrix Application Delivery Controller (ADC) and Gateway are prone to a directory traversal vulnerability that allows attackers to upload an XML file via newbm.pl and execute system commands.
This can be exploited to execute arbitrary code with System privileges. It is working until KB4497727 and KB4495666 for Windows 10 x64 v1903