Packet Storm – Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
Grandstream GXV3175 Unauthenticated Command Execution
20 January 2022, 6:06 pmThis Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19.
VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution
20 January 2022, 6:03 pmVMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtual appliance and SYSTEM on Windows. This Metasploit module will start an LDAP server that the target will need to connect to. This exploit uses the logon page vector.
Ransomware Builder Babuk Insecure Permissions
20 January 2022, 5:44 pmRansomware Builder Babuk malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Wisell Remote Command Execution
20 January 2022, 5:44 pmBackdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.
CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle
20 January 2022, 5:42 pmThe panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.
CollectorStealerBuilder Panel 2.0.0 Insecure Credential Storage
20 January 2022, 5:40 pmThe panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.
VulturiBuilder Insecure Permissions
20 January 2022, 5:40 pmVulturiBuilder malware suffers from an insecure permissions vulnerability.
WordPress Email Template Designer – WP HTML Mail 3.0.9 Cross Site Scripting
19 January 2022, 4:16 pmWordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability.
Archeevo 5.0 Local File Inclusion
18 January 2022, 4:45 pmArcheevo version 5.0 suffers from a local file inclusion vulnerability.
Landa Driving School Management System 2.0.1 Arbitrary File Upload
18 January 2022, 4:40 pmLanda Driving School Management System version 2.0.1 suffers from an arbitrary file upload vulnerability.
Online Resort Management System 1.0 SQL Injection
18 January 2022, 4:37 pmOnline Resort Management System version 1.0 suffer from remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty on January 10, 2022.
Simple Chatbot Application 1.0 Shell Upload
18 January 2022, 4:35 pmSimple Chatbot Application version 1.0 suffers from a remote shell upload vulnerability.
Simple Chatbot Application 1.0 SQL Injection
18 January 2022, 4:33 pmSimple Chatbot Application version 1.0 suffers from a remote blind SQL injection vulnerability.
Nyron 1.0 SQL Injection
18 January 2022, 4:32 pmNyron version 1.0 suffers from a remote SQL injection vulnerability.
OpenBMCS 2.4 Secret Disclosure
17 January 2022, 4:52 pmOpenBMCS version 2.4 suffers from a secret disclosure vulnerability.
OpenBMCS 2.4 Remote File Inclusion / Server-Side Request Forgery
17 January 2022, 4:51 pmOpenBMCS version 2.4 suffers from remote file inclusion and server-side request forgery vulnerabilities.
AgentTesla Builder Web Panel SQL Injection
17 January 2022, 4:50 pmAgentTesla Builder Web Panel malware suffers from a remote SQL injection vulnerability.
AgentTesla Builder Web Panel Cross Site Scripting
17 January 2022, 4:49 pmAgentTesla Builder Web Panel malware suffers from a cross site scripting vulnerability.
OpenBMCS 2.4 Remote Privilege Escalation
17 January 2022, 4:48 pmOpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.
OpenBMCS 2.4 SQL Injection
17 January 2022, 4:46 pmOpenBMCS version 2.4 suffers from an authenticated remote SQL injection vulnerability.
Chaos Ransomware Builder 4 Insecure Permissions
17 January 2022, 4:45 pmChaos Ransomware Builder version 4 malware suffers from an insecure permissions vulnerability.
OpenBMCS 2.4 Cross Site Request Forgery
17 January 2022, 4:43 pmOpenBMCS version 2.4 suffers from a cross site request forgery vulnerability.
Win32.MarsStealer Web Panel Unauthenticated Remote Data Deletion
17 January 2022, 4:42 pmWin32.MarsStealer Web Panel malware suffers from an unauthenticated remote data deletion vulnerability.
Win32.MarsStealer Web Panel Cross Site Scripting
17 January 2022, 4:25 pmWin32.MarsStealer Web Panel malware suffers from a cross site scripting vulnerability.
SB Admin Cross Site Request Forgery / SQL Injection
17 January 2022, 4:24 pmSB Admin suffers from cross site request forgery and remote SQL injection vulnerabilities.