OpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.
dfa165d919105379e965f9f7c64bc72209b082357f408421bbd7348be571f7eaProof of concept for a Microsoft HTTP protocol stack vulnerability that causes a denial of service.
c2c18115a401a528cf1b5dc31c17571b0980e3c441f00ab74bcca4c29d729334Apache Log4j2 versions 2.14.1 and below proof of concept remote code execution exploit. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
c8d0355e439c74ae436d3c409fe4b1f7b1c6c2d6fb97d2375bbaa49de94f642bDocker proof of concept command execution exploit that leverages runc.
d839ae3cbe28eac31921153401a56b44bcb7aa9e71186e649af207b24a2573d0Wipro Holmes Orchestrator version 20.4.1 unauthenticated arbitrary file reading proof of concept exploit.
aa43fdedfc7f5227a2a020d9bd25796fe6699fb9bbb47484e3814e5633c6039bMicrosoft Office OneNote 2007 proof of concept exploit for a OnePKG file parsing remote code execution vulnerability. Upon decompressing files from .ONEPKG archives (using MS CAB format), a failure to sanitize file paths and file contents allows for arbitrary file planting in arbitrary locations on the OS, including the startup folder.
a2e1f0872cb6d8139581f87f3c37e90d1829d74bca8d610a3d0ffadd03dd7e9dJavaScriptCore suffers from a crash condition due to an uninitialized register in slow_path_profile_catch. Proof of concept that affects Safari is included.
8dd2cde7c2edb66fc6061ca48debe795fc639981944e4354c301b47af6a7c4b1Firebase's PHP-JWT suffers from an algorithm confusion issue. Proof of concept code included.
bb3896b28adac75139b54397d609f1fd54d05c94094f3213dbc7a00f3fa5c0c6Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.
0c0b69962c7c4951fd574d5a8b85049490d77ada7568b05cfb4bce7ca40aa09aProof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in this version by Umit Yalcin in July of 2020.
767219aec319fdaf3843c6a3cee1e6adffa3ddc30ff33399b70b01cfabe1a3d6XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.
a1d06d7c40ef5cee75dbfed56b2263d072ffb407a0a5a9ac79847d59421ad896This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.
0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.
bb5ee485c5648076add9bf2abf25ea37396550a4e2aa9b60094cc8338c092692This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.
48a1cc3a6acb78d90f7e5beca74fe39f754180b4d7a5529002e913fac71d8976Proof of concept exploit for a path traversal vulnerability in Pallets Werkzeug version 0.15.4.
4f5c6bd91b62008c37cb7bf8cbae42390e891388493b81718362ca9738d106b3PrintNightmare remote code execution proof of concept exploit for the Windows Spooler Service.
65f3a8fdee04d68517612f8bbb28b7e29a2396d68991acfedf0892a70576c47aThis is the Impacket implementation of the PrintNightmare proof of concept originally created by Zhiniang Peng and Xuefeng Li that leverages a privilege escalation vulnerability in the Windows Print Spooler.
573d07da8eca58f9ce096e858ed133d273214a6db6d390271660e11698decd25This document illustrates proof of concept exploitation of a vulnerability in WordPress versions 5.6.0 through 5.7.0 that gives a user the ability to upload files on a server and exploit an XML parsing issue in the Media Library using an MP3 file upload that leads to an XXE attack.
6f2b6fbc58bcb6f703bd6d4a439b0bd64de13c645bc50f0f2f21b49152561b36KnFTP Server version 1.0.0 LIST denial of service proof of concept exploit.
6e992b00b4404656da10a5211abde600ea5faa319eb07349de5de184d6afe3dePCMan FTP Server version 2.0.7 USER denial of service proof of concept exploit.
1ffb0cae68a951a3083217ac56d66b7415bc772ed03135d4020bb8195b4bf865memono Notepad 4.2 denial of service proof of concept exploit.
6e0c80eeec1f14cb6c54d8b2608794aad97b58dbd5466fd0e4ea84a35c530d90EasyFTP Server version 1.7.0.11 XRMD denial of service proof of concept exploit.
4f7789b1d4176284fefe0a8f3b908427852a8228b67f9e6a4263e89a59386e80Proof of concept exploit for a remote code execution vulnerability in Microsoft's RDP service.
6d22c79340f19a7303c4fe1251a1c8e3e6781fc8551886316a0e4e976e9a6dbfExim versions prior to 4.90.1 remote buffer overflow proof of concept exploit.
ee8228224f1f993d6d2342e211a9be7a153342208313db672c854f83eba4d705Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.
a39fed0dc5f1a0ca97a329bad76e86ccb0fe30addc423eef4129602dce1d82e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed