This module exploits an authentication bypass in Veeam.Backup.ServiceLib.CForeignInvokerNegotiateAuthenticator.Authenticate. Then a file upload present in ExecuteUploadManagerPerformUpload is used to copy the Web.config file to the Webapp root foler in order to extract the machineKey values to create a ysoserial.NET payload to execute commands. The deployed agent will run with the privileges of the "IIS Worker Process" process (NT AUTHORITY\\NETWORK SERVICE).
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the same privileges than the user account that ran Solr Server. This exploit will fail if the target system has jdk8u191 or newer.
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
This module exploits a heap overflow in ntfs.sys by calling to the "NtQueryEaFile" function with crafted parameters.
This module exploits a path traversal vulnerability present in the getPluginAssets function of Grafana which allows an attacker to download system files through specially crafted HTTP resource requests.
This module exploits a JNDI injection present in the log4j library. The deployed agent will run with the root user account privileges on Linux systems and with SYSTEM privileges on Windows systems.
This module exploits a deserialization vulnerability present in the TypedBinaryFormatter class. The deployed agent will run with the SYSTEM privileges.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
This module exploits a Java unsafe reflection and a Server Side Request Forgery vulnerabilities present in ProxygenController class via POST requests to the /ui/h5-vsan/rest/proxy/service endpoint. The deployed agent will run with the vsphere-ui user account privileges.
This module exploits a deserialization vulnerability present in MeetingPollHandler handler when using a ProposeOptionsMeetingPollParameters type. The deployed agent will run with the SYSTEM privileges.
Pagination
- Previous page
- Page 17
- Next page