This module exploits the unauthenticated endpoint of the Backup Service in Veeam Backup and Replication. The deployed agent will run with the privileges of the "SQL Server" process (NT AUTHORITY\\SYSTEM).
The Ancillary Function Driver (AFD.sys) present in Microsoft Windows is vulnerable to an arbitrary memory overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL to the vulnerable driver.
A vulnerability in the library Apache Santuario SAML SSO (Single Sign-On) method used by Zoho ManageEngine products allows to unauthenticated remote code attackers to execute system commands. This modules uses a specially crafted SAML against Zoho ManageEngine ServiceDesk Plus to execute system commands to deploy an agent. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
This module uses NTLM reflection to achieve a SYSTEM handle for elevation of privilege.
This module exploits an Arbitrary File Deletion performed by an unprivileged user in any protected folder. Before deleting the file, this module backups the file in the user temp folder
This module exploits a deserialization vulnerability present in Microsoft.Exchange.Data.SerializationTypeConverter class when converting powershell remoting objects. This module bypasses the IIS URL Rewrite rules given by Microsoft. This is achieved by not using the autodiscover path confusion (CVE-2022-41040). The deployed agent will run with the SYSTEM privileges.
The LenovoDiagnosticsDriver.sys driver in the HardwareScanPlugin of Lenovo Vantage before 1.3.0.5 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.
Pagination
- Previous page
- Page 14
- Next page