#ExploitObserverAlert
PD/http/vulnerabilities/other/lucee-unset-credentials
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/other/lucee-unset-credentials. The Lucee admin panel has a first-time setup page which allows any user to set the administrator password.
PD/http/vulnerabilities/other/lucee-unset-credentials
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/http/vulnerabilities/other/lucee-unset-credentials. The Lucee admin panel has a first-time setup page which allows any user to set the administrator password.
#ExploitObserverAlert
CVE-2024-20335
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20335. A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
CVE-2024-20335
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20335. A vulnerability in the web-based management interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform command injection attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-20301
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20301. A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.
FIRST-EPSS: 0.000430000
CVE-2024-20301
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20301. A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, physical attacker to bypass secondary authentication and access an affected Windows device. This vulnerability is due to a failure to invalidate locally created trusted sessions after a reboot of the affected device. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permissions.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-20338
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20338. A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
FIRST-EPSS: 0.000430000
CVE-2024-20338
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20338. A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this vulnerability by copying a malicious library file to a specific directory in the filesystem and persuading an administrator to restart a specific process. A successful exploit could allow the attacker to execute arbitrary code on an affected device with root privileges.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
WLB-2024030012
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030012. elFinder Web file manager Version 2.1.53 Remote Command Execution.
WLB-2024030012
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030012. elFinder Web file manager Version 2.1.53 Remote Command Execution.
#ExploitObserverAlert
EDB-51865
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51865. GLiNet - Router Authentication Bypass
EDB-51865
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51865. GLiNet - Router Authentication Bypass
#ExploitObserverAlert
EDB-51864
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51864. elFinder Web file manager Version - 2.1.53 Remote Command Execution
EDB-51864
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51864. elFinder Web file manager Version - 2.1.53 Remote Command Execution
#ExploitObserverAlert
CVE-2024-2176
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2176. Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
CVE-2024-2176
DESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2176. Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
WLB-2024030010
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030010. Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal.
WLB-2024030010
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030010. Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal.
#ExploitObserverAlert
WLB-2024030009
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030009. GLiNet Router Authentication Bypass.
WLB-2024030009
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030009. GLiNet Router Authentication Bypass.
#ExploitObserverAlert
WLB-2024030008
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030008. Maxima Max Pro Power BLE Traffic Replay.
WLB-2024030008
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030008. Maxima Max Pro Power BLE Traffic Replay.
#ExploitObserverAlert
WLB-2024030011
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030011. A-PDF All to MP3 Converter 2.0.0 DEP Bypass via HeapCreate + HeapAlloc.
WLB-2024030011
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024030011. A-PDF All to MP3 Converter 2.0.0 DEP Bypass via HeapCreate + HeapAlloc.
#ExploitObserverAlert
EDB-51862
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51862. CVE-2023-50071 - Multiple SQL Injection
EDB-51862
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51862. CVE-2023-50071 - Multiple SQL Injection
#ExploitObserverAlert
GHSA-h59x-p739-982c
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to GHSA-h59x-p739-982c. LangChain directory traversal vulnerability
GHSA-h59x-p739-982c
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to GHSA-h59x-p739-982c. LangChain directory traversal vulnerability
#ExploitObserverAlert
BDU:2024-01744
DESCRIPTION: Exploit Observer has 16 entries in 3 file formats related to BDU:2024-01744. The vulnerability of the jsoup Java library for data analysis, extraction, and management in HTML documents, related to lack of protection measures for the web page structure, allowing an attacker to perform cross-site scripting attacks (XSS). Vulnerability in the jsoup Java library for data analysis, extraction, and management in HTML documents is related to lack of protection measures for the web page structure. Exploiting the vulnerability may allow a remote attacker to execute cross-site scripting attacks (XSS).
BDU:2024-01744
DESCRIPTION: Exploit Observer has 16 entries in 3 file formats related to BDU:2024-01744. The vulnerability of the jsoup Java library for data analysis, extraction, and management in HTML documents, related to lack of protection measures for the web page structure, allowing an attacker to perform cross-site scripting attacks (XSS). Vulnerability in the jsoup Java library for data analysis, extraction, and management in HTML documents is related to lack of protection measures for the web page structure. Exploiting the vulnerability may allow a remote attacker to execute cross-site scripting attacks (XSS).
#ExploitObserverAlert
CVE-2024-20292
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20292. A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view sensitive information in clear text.
FIRST-EPSS: 0.000430000
CVE-2024-20292
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20292. A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system. This vulnerability is due to improper storage of an unencrypted registry key in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view sensitive information in clear text.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
EDB-51861
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51861. Lot Reservation Management System - Unauthenticated File Disclosure
EDB-51861
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51861. Lot Reservation Management System - Unauthenticated File Disclosure
#ExploitObserverAlert
MSF/auxiliary_gather/gitlab_tags_rss_feed_email_disclosure
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to MSF/auxiliary_gather/gitlab_tags_rss_feed_email_disclosure. An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It is possible to read the user email address via tags feed although the visibility in the user profile has been disabled.
MSF/auxiliary_gather/gitlab_tags_rss_feed_email_disclosure
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to MSF/auxiliary_gather/gitlab_tags_rss_feed_email_disclosure. An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It is possible to read the user email address via tags feed although the visibility in the user profile has been disabled.
#ExploitObserverAlert
CVE-2024-20336
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20336. A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
CVE-2024-20336
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20336. A vulnerability in the web-based user interface of Cisco Small Business 100, 300, and 500 Series Wireless APs could allow an authenticated, remote attacker to perform buffer overflow attacks against an affected device. In order to exploit this vulnerability, the attacker must have valid administrative credentials for the device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
CVE-2024-20337
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20337. A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link while establishing a VPN session. A successful exploit could allow the attacker to execute arbitrary script code in the browser or access sensitive, browser-based information, including a valid SAML token. The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user. Individual hosts and services behind the VPN headend would still need additional credentials for successful access.
FIRST-EPSS: 0.000430000
CVE-2024-20337
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20337. A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link while establishing a VPN session. A successful exploit could allow the attacker to execute arbitrary script code in the browser or access sensitive, browser-based information, including a valid SAML token. The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user. Individual hosts and services behind the VPN headend would still need additional credentials for successful access.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
BDU:2024-01792
DESCRIPTION: Exploit Observer has 75 entries in 7 file formats related to BDU:2024-01792. TeamCity JetBrains continuous integration and delivery (CI/CD) system vulnerability related to bypassing the authentication procedure using an alternative path or channel, allowing an attacker to execute arbitrary code. Vulnerability in JetBrains TeamCity's continuous integration and delivery (CI/CD) system is related to bypassing the authentication procedure using an alternative path or channel. Exploiting the vulnerability may allow a remote attacker to execute arbitrary code with elevated privileges.
BDU:2024-01792
DESCRIPTION: Exploit Observer has 75 entries in 7 file formats related to BDU:2024-01792. TeamCity JetBrains continuous integration and delivery (CI/CD) system vulnerability related to bypassing the authentication procedure using an alternative path or channel, allowing an attacker to execute arbitrary code. Vulnerability in JetBrains TeamCity's continuous integration and delivery (CI/CD) system is related to bypassing the authentication procedure using an alternative path or channel. Exploiting the vulnerability may allow a remote attacker to execute arbitrary code with elevated privileges.