This module injects .so library into the remote smbd process. For this exploit to work, a writable shared directory must be available, in order to write an so library. The agent will normally run as the "nobody" user, and will have limited capabilities.

Solarwinds LEM Management Virtual Appliance is prone to a shell escape via OS command injection which allows attackers the execution of system commands.

Remote Code Execution when performing file upload based on Jakarta Multipart parser.

This module exploits a signedness issue in the Linux Kernel. The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to escalate privileges. This module performs a CAP_NET_ADMIN to root privilege escalation.

This module exploits a SQL Injection vulnerability in Joomla which allows gathering of users and password hashes by parsing SQL output errors

PHPMailer is prone to a abuse the mailSend function. This vulnerability allows remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property. The attack will not leave any trace. This exploit installs an OS Agent.

This module exploits a race condition vulnerability in the Linux Kernel via AF_PACKET sockets.

Trend Micro InterScan Web Security Virtual Appliance is prone to an OS command injection which allows attackers the execution of system commands.

Trend Micro Threat Discovery Appliance is prone to an authentication bypass and a command injection wich allows attackers the execution of system commands.

A vulnerability exists in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. By abusing the blockip variable, an attacker can achieve remote code execution.