A vulnerability in the library Apache Santuario SAML SSO (Single Sign-On) method used by Zoho ManageEngine products allows to unauthenticated remote code attackers to execute system commands. This modules uses a specially crafted SAML against Zoho ManageEngine ServiceDesk Plus to execute system commands to deploy an agent. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
This module uses NTLM reflection to achieve a SYSTEM handle for elevation of privilege.
This module exploits an Arbitrary File Deletion performed by an unprivileged user in any protected folder. Before deleting the file, this module backups the file in the user temp folder
This module exploits a deserialization vulnerability present in Microsoft.Exchange.Data.SerializationTypeConverter class when converting powershell remoting objects. This module bypasses the IIS URL Rewrite rules given by Microsoft. This is achieved by not using the autodiscover path confusion (CVE-2022-41040). The deployed agent will run with the SYSTEM privileges.
The LenovoDiagnosticsDriver.sys driver in the HardwareScanPlugin of Lenovo Vantage before 1.3.0.5 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.
The vulnerability is an Arbitrary File Delete Write which can be used to achieve an agent with elevated privileges.
This module produces an out of bounds and generate a Denial of Service