CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Github link:
https://github.com/Rehan07-Human/Exploiting-RCE-Cyber_Project_CVE-2024-1212
Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.
Github link:
https://github.com/Rehan07-Human/Exploiting-RCE-Cyber_Project_CVE-2024-1212
GitHub
GitHub - Rehan07-Human/Exploiting-RCE-Cyber_Project_CVE-2024-1212: Demonstrating the exploitation of the Remote Code Execution…
Demonstrating the exploitation of the Remote Code Execution (RCE) vulnerability in Kemp LoadMaster (CVE-2024-1212). This project covers reconnaissance, vulnerability scanning using Nuclei, and expl...
CVE-2024-23334
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.
Github link:
https://github.com/BestDevOfc/CVE-2024-23334-PoC
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.
Github link:
https://github.com/BestDevOfc/CVE-2024-23334-PoC
GitHub
GitHub - BestDevOfc/CVE-2024-23334-PoC: A proof of concept of the path traversal vulnerability in the python AioHTTP library =<…
A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1 - BestDevOfc/CVE-2024-23334-PoC
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Github link:
https://github.com/NullBrunk/CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Github link:
https://github.com/NullBrunk/CVE-2011-2523
GitHub
GitHub - NullBrunk/CVE-2011-2523: VsFTPd 2.3.4 Backdoor Command Execution
VsFTPd 2.3.4 Backdoor Command Execution. Contribute to NullBrunk/CVE-2011-2523 development by creating an account on GitHub.
CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Github link:
https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
Github link:
https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882
GitHub
GitHub - yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882: Malware Analysis CVE-2017-11882
Malware Analysis CVE-2017-11882. Contribute to yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882 development by creating an account on GitHub.
CVE-2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
Github link:
https://github.com/TuanCui22/ZerologonWithImpacket-CVE2020-1472
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
Github link:
https://github.com/TuanCui22/ZerologonWithImpacket-CVE2020-1472
GitHub
GitHub - TuanCui22/ZerologonWithImpacket-CVE2020-1472: A practical proof-of-concept for CVE-2020-1472 (Zerologon) using the Impacket…
A practical proof-of-concept for CVE-2020-1472 (Zerologon) using the Impacket library to exploit Netlogon vulnerability and perform unauthorized domain controller access. - TuanCui22/ZerologonWithI...
CVE-2024-7954
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
Github link:
https://github.com/0dayan0n/RCE_CVE-2024-7954-
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
Github link:
https://github.com/0dayan0n/RCE_CVE-2024-7954-
GitHub
GitHub - 0dayan0n/RCE_CVE-2024-7954-: The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable…
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PH...
CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).
Github link:
https://github.com/Dharan10/CVE-2019-0232
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet is disabled by default. The CGI option enableCmdLineArguments is disable by default in Tomcat 9.0.x (and will be disabled by default in all versions in response to this vulnerability). For a detailed explanation of the JRE behaviour, see Markus Wulftange's blog (https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html) and this archived MSDN blog (https://web.archive.org/web/20161228144344/https://blogs.msdn.microsoft.com/twistylittlepassagesallalike/2011/04/23/everyone-quotes-command-line-arguments-the-wrong-way/).
Github link:
https://github.com/Dharan10/CVE-2019-0232
Blogspot
CODE WHITE | Blog: Java and Command Line Injections in Windows
Everyone knows that incorporating user provided fragments into a command line is dangerous and may lead to command injection. That’s why in ...
CVE-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Github link:
https://github.com/kuyrathdaro/winrar-cve-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Github link:
https://github.com/kuyrathdaro/winrar-cve-2023-38831
GitHub
GitHub - kuyrathdaro/winrar-cve-2023-38831: Winrar CVE-2023-38831 (PoC)
Winrar CVE-2023-38831 (PoC). Contribute to kuyrathdaro/winrar-cve-2023-38831 development by creating an account on GitHub.