This module exploits a buffer overflow on Disk Pulse Formats plugin when parsing a specially crafted .XML file. After the file is downloaded, the user must open it from the application, clicking on the Command option in the menu bar (or right clicking in the middle window), then choosing Import Command ... and selecting the file.
This module uses an arbitrary file upload vulnerability, an authentication bypass (which depends on the target version) and a information disclosure vulnerability in order to upload and execute a WAR file in the Tomcat webapps folder. Since the Apache Tomcat server is running with root (SYSTEM in Windows targets) user, the deployed agent will run with the same privileges.
The pdkinstall development plugin is incorrectly enabled in release builds of Atlassian Crowd and Crowd Data Center. An attacker can leverage this vulnerability to install a malicious plugin and execute code in the system.
An unauthenticated attacker can send a malicious SOAP request to the interface WLS AsyncResponseService to execute code on the vulnerable host. The attacker must have network access to the Oracle Weblogic Server T3 interface.
This module exploits a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and the SendBulkMail actions. The ContactAdministrators action doesn't require authentication but it's not enabled by default. The SendBulkMail does require authentication and the "JIRA Administrators" access level.
This module triggers a use after free vulnerability in the Remote Desktop Service by sending a malformed RDO packet to the 3389/TCP port.
This module exploits a vulnerability in Edge, getting Full Control over a file. This can be exploited to execute arbitrary code with System privileges.
COM classes used by the VMX process on a Windows host can be hijacked leading to elevation of privilege.
This module exploits a vulnerability in Private Internet Access VPN, loading a malicious OpenSSL engine without checking.
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations.