Explore Vulnerabilities

Explore all Exploits:

Hunk Companion Plugin 1.9.0 – Unauthenticated Plugin Installation

The Hunk Companion plugin version 1.9.0 is vulnerable to unauthenticated plugin installation due to a flaw in the permission_callback for the /wp-json/hc/v1/themehunk-import endpoint. This vulnerability allows unauthorized attackers to install and activate any plugin from the WordPress.org repository.

TP-Link VN020 F3v(T) TT_V6.2.1021 – Denial Of Service (DOS)

Two critical vulnerabilities were found in the UPnP implementation of the TP-Link VN020-F3v(T) router, affecting the WANIPConnection service. These vulnerabilities enable unauthenticated attackers to trigger denial of service and potential memory corruption via malformed SOAP requests.

TP-Link VN020 F3v(T) TT_V6.2.1021 – DHCP Stack Buffer Overflow

The exploit triggers multiple memory corruption vectors in DHCP parsing of TP-Link VN020 F3v(T) TT_V6.2.1021 routers. It involves a stack overflow through an oversized hostname (127 bytes), parser confusion via malformed length fields, and a vendor-specific option parsing edge case. By sending a crafted DHCP DISCOVER packet, the attacker overflows the hostname buffer and corrupts length fields in DHCP options, leading to a service crash.

TP-Link VN020 F3v(T) TT_V6.2.1021 – Buffer Overflow Memory Corruption

A critical buffer overflow and memory corruption vulnerability was found in the FTP server implementation of TP-Link VN020-F3v(T) router due to improper input validation of the USER command. Attackers can exploit this issue to manipulate payload size and trigger various failure modes, including delayed crash, immediate crash, and undefined behavior.

Denial of Service (DoS) in K7 Ultimate Security K7RKScan.sys

K7 Ultimate Security versions prior to 17.0.2019, specifically the driver file K7RKScan.sys version 15.1.0.7, allow local users to perform a Denial of Service (DoS) attack by triggering a null pointer dereference via IOCTLs 0x222010 and 0x222014. The driver is accessible to all users in the 'Everyone' group, potentially leading to a system crash (BSOD) or other unspecified impacts.

Buffer Overflow Exploit in C Program

The C program contains a buffer overflow vulnerability due to improper input validation. By sending a specially crafted input, an attacker can overwrite the buffer boundaries and inject malicious code. This can lead to arbitrary code execution and potentially compromise the system. This vulnerability can be identified as CVE-2021-12345.

WinRAR version 6.22 Vulnerability CVE-2023-38831

The exploit involves creating a malicious zip file using the WinRAR software. By crafting a specially designed zip file, an attacker can execute arbitrary code on the target system, potentially leading to remote code execution. This vulnerability has been assigned CVE-2023-38831.

KiTTY 0.76.1.13 – ‘Start Duplicated Session Hostname’ Buffer Overflow

KiTTY version 0.76.1.13 is vulnerable to a buffer overflow in the 'Start Duplicated Session Hostname' field. By sending a specially crafted payload, an attacker can trigger a buffer overflow condition, potentially leading to arbitrary code execution. This vulnerability has been assigned the CVE identifier CVE-2024-25003.

KiTTY 0.76.1.13 – ‘Start Duplicated Session Username’ Buffer Overflow

The exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in KiTTY version 0.76.1.13. By sending a specially crafted payload, an attacker can trigger the overflow and potentially gain remote access to the affected system. This vulnerability has been assigned CVE-2024-25004.

Recent Exploits: