Explore all Exploits:

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

The exploit targets Windows 10 and 11 below build 10.0.26100.1457 and Windows Server 2016, 2019 and 2022 below build 10.0.17763.6189, and causes a denial of service. It sends crafted IPv6 packets in batches; each batch corrupts tcpip.sys memory, which crashes the target and disrupts normal operation. The vulnerability is tracked as CVE-2024-38063. It is reachable only over IPv6, so a host with IPv6 disabled is not exposed to this exploit, and the fixed build numbers above should be compared against the update level of the target's own servicing branch.

VMware vCenter Server 6.7 – Authentication Bypass

This exploit bypasses authentication in VMware vCenter Server 6.7 and gains unauthorized access to the server. It is written in Python, runs on both Windows and Linux, and includes a vulnerability checker so a target can be tested before any exploitation is attempted.

VMware vCenter Server 7.0 – Unauthenticated File Upload

CVE-2021-21972 is an unauthenticated file upload with arbitrary file overwrite. Exploitation is done either by uploading an SSH public key or by dropping a webshell; the webshell must be a JSP file, and whether it works depends heavily on the exact vCenter version. Manual verification: request https://<ip>/ui/vropspluginui/rest/services/checkmobregister. A blank (white) page means vulnerable; a 401 Unauthorized means patched or the workaround has been applied (or the appliance has not finished booting yet). On Linux, SSH key upload is the preferred route whenever SSH access is possible and enabled; there the upload runs as vsphere-ui:users, whereas on Windows it runs as the SYSTEM account. vCenter 6.5 builds up to 7515524 do not contain the vulnerable endpoint, so webshell upload is not possible on them.

Oracle WebLogic Server 14.1.1.0 – RCE (Authenticated)

A vulnerability in Oracle WebLogic Server could allow an authenticated, remote attacker to execute arbitrary code on the targeted system. The flaw is due to improper validation of user-supplied input by the affected software. An attacker could exploit it by sending a crafted request to the targeted system; a successful exploit allows arbitrary code execution with the privileges of the WebLogic server process.

Pi-hole 4.4.0 – Remote Code Execution (Authenticated)

This exploit is a native Python 3 implementation with no third-party dependencies. It runs on Windows and Linux (and probably macOS). It performs a reliable vulnerability check before exploiting (based on behaviour rather than version numbers) and by default performs normal RCE without privilege escalation, which is the less risky option. It asks for confirmation before running the root RCE, as that is more dangerous.

vBulletin 5.6.1 – ‘nodeId’ SQL Injection

A vulnerability in vBulletin 5.6.1 prior to Patch Level 1 allows an attacker to inject arbitrary SQL commands via the 'nodeId' parameter. This can be exploited to gain access to the database and potentially to achieve remote code execution.

Microsoft Exchange 2019 15.2.221.12 – Authenticated Remote Code Execution

This exploit is a native Python 2 implementation with no third-party dependencies. It runs on Windows and Linux (and probably macOS). It uses serialization code reverse engineered from ysoserial.net (https://github.com/pwntester/ysoserial.net) to generate a .NET deserialization payload and send it to the target server.

eWON v13.0 Authentication Bypass

This script retrieves clear-text credentials from an eWON Flexy router. It chains two vulnerabilities: an authentication bypass (fixed in 13.1s0) and weak password encryption that allows clear-text password recovery for all users (fixed in 13.3s0).
