AttackerKB
attackerkb
New assessment for topic: CVE-2024-43451
Topic description: "NTLM Hash Disclosure Spoofing Vulnerability ..."
"CVE-2024-43451 is a Windows NTLM hash disclosure vulnerability categorized as a "spoofing" flaw that affects all supported Microsoft Windows versions, including Windows 10, Windows 11, and Windows Server editions. ..."
Link: https://attackerkb.com/assessments/f3043ff4-f3e9-4120-a46d-16868c8e27f9
Topic description: "NTLM Hash Disclosure Spoofing Vulnerability ..."
"CVE-2024-43451 is a Windows NTLM hash disclosure vulnerability categorized as a "spoofing" flaw that affects all supported Microsoft Windows versions, including Windows 10, Windows 11, and Windows Server editions. ..."
Link: https://attackerkb.com/assessments/f3043ff4-f3e9-4120-a46d-16868c8e27f9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-55555
Topic description: "Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an attacker knows the APP_KEY ..."
"Laravel PHP applications can be exploited due to bad implementations of decryption mechanisms ..."
Link: https://attackerkb.com/assessments/bed328ac-6982-4a75-95f5-170ff0ea894d
Topic description: "Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an attacker knows the APP_KEY ..."
"Laravel PHP applications can be exploited due to bad implementations of decryption mechanisms ..."
Link: https://attackerkb.com/assessments/bed328ac-6982-4a75-95f5-170ff0ea894d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-27218
Topic description: "Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization. ..."
"On January 6, 2025, Sitecore published a security bulletin, [SC2024-002-624693](https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003535) , for a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 ..."
Link: https://attackerkb.com/assessments/54a61ef3-00e8-47cf-a4d0-c36950f2e373
Topic description: "Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization. ..."
"On January 6, 2025, Sitecore published a security bulletin, [SC2024-002-624693](https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003535) , for a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 ..."
Link: https://attackerkb.com/assessments/54a61ef3-00e8-47cf-a4d0-c36950f2e373
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-0282
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"Microsoft released a report observing a state-sponsored actor called Silk Typhoon abusing this vulnerability, hence we added a the tag to reflect this ..."
Link: https://attackerkb.com/assessments/8dd72440-c8b5-41bb-a6c4-2396ca7e2f02
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"Microsoft released a report observing a state-sponsored actor called Silk Typhoon abusing this vulnerability, hence we added a the tag to reflect this ..."
Link: https://attackerkb.com/assessments/8dd72440-c8b5-41bb-a6c4-2396ca7e2f02
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-55556
Topic description: "A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/3635027c-977c-4cda-a659-857dbf2df5dc
Topic description: "A vulnerability in Crater Invoice allows an unauthenticated attacker with knowledge of the APP_KEY to achieve remote command execution on the server by manipulating the laravel_session cookie, exploiting arbitrary deserialization through the encrypted session data ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/3635027c-977c-4cda-a659-857dbf2df5dc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-12356
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Hello, I am a college student ..."
Link: https://attackerkb.com/assessments/bafc9e8f-15c9-4dbc-be46-9797537ea08d
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Hello, I am a college student ..."
Link: https://attackerkb.com/assessments/bafc9e8f-15c9-4dbc-be46-9797537ea08d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-12084
Topic description: "A heap-based buffer overflow flaw was found in the rsync daemon ..."
"Based upon writing a [technical analysis](https://attackerkb.com/topics/UM2s9nB7k4/cve-2024-12084/rapid7-analysis) of this vuln, I have rated the exploitability as Low, as exploitation of this heap based overflow is limited and will take further work to develop into a full RCE ..."
Link: https://attackerkb.com/assessments/4db6027b-a197-4238-acc5-b0af55f459b3
Topic description: "A heap-based buffer overflow flaw was found in the rsync daemon ..."
"Based upon writing a [technical analysis](https://attackerkb.com/topics/UM2s9nB7k4/cve-2024-12084/rapid7-analysis) of this vuln, I have rated the exploitability as Low, as exploitation of this heap based overflow is limited and will take further work to develop into a full RCE ..."
Link: https://attackerkb.com/assessments/4db6027b-a197-4238-acc5-b0af55f459b3
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-12084
"On January 14, 2025, 6 vulnerabilities within rsync were disclosed via the [oss-security mailing list](https://www.openwall.com/lists/oss-security/2025/01/14/3) ..."
Link: https://attackerkb.com/topics/c6bb75f4-0187-4b29-bda4-224685376a33
"On January 14, 2025, 6 vulnerabilities within rsync were disclosed via the [oss-security mailing list](https://www.openwall.com/lists/oss-security/2025/01/14/3) ..."
Link: https://attackerkb.com/topics/c6bb75f4-0187-4b29-bda4-224685376a33
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-57728
Topic description: "SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e ..."
"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an authenticated file upload affecting the following versions: ..."
Link: https://attackerkb.com/assessments/ceb2ad15-73e9-4da8-887d-ff69dbb8ee91
Topic description: "SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e ..."
"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an authenticated file upload affecting the following versions: ..."
Link: https://attackerkb.com/assessments/ceb2ad15-73e9-4da8-887d-ff69dbb8ee91
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-57727
Topic description: "SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests ..."
"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an unauthenticated path traversal affecting the following versions: ..."
Link: https://attackerkb.com/assessments/1711e1d9-4407-4c28-ae4e-379952e65026
Topic description: "SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests ..."
"Between January 8th and 13th 2025, SimpleHelp RMM released patches for a set of vulnerabilities including an unauthenticated path traversal affecting the following versions: ..."
Link: https://attackerkb.com/assessments/1711e1d9-4407-4c28-ae4e-379952e65026
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-0108
Topic description: "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts ..."
"On February 12, 2025, Palo Alto Networks published an [advisory for CVE-2025-0108](https://security.paloaltonetworks.com/CVE-2025-0108) ..."
Link: https://attackerkb.com/assessments/951efdb5-288e-4608-8bde-667656782321
Topic description: "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts ..."
"On February 12, 2025, Palo Alto Networks published an [advisory for CVE-2025-0108](https://security.paloaltonetworks.com/CVE-2025-0108) ..."
Link: https://attackerkb.com/assessments/951efdb5-288e-4608-8bde-667656782321
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-12356
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Based upon both writing a [technical analysis](https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356#rapid7-analysis) of this vuln, and an accompanying [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19877), I have rated the exploitability as `Very High`, as exploitation is reliable, repeatable, and can be fully automated by an exploit script ..."
Link: https://attackerkb.com/assessments/4b8511fd-3dcf-4ea3-8dd2-7df3b2245055
Topic description: "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. ..."
"Based upon both writing a [technical analysis](https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356#rapid7-analysis) of this vuln, and an accompanying [Metasploit exploit module](https://github.com/rapid7/metasploit-framework/pull/19877), I have rated the exploitability as `Very High`, as exploitation is reliable, repeatable, and can be fully automated by an exploit script ..."
Link: https://attackerkb.com/assessments/4b8511fd-3dcf-4ea3-8dd2-7df3b2245055
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-12356
"On December 16, 2024, BeyondTrust published both [an advisory](https://www.beyondtrust.com/trust-center/security-advisories/bt24-10) and patches for CVE-2024-12356, a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Privileged Remote Access (PRA) and Remote Support (RS) ..."
Link: https://attackerkb.com/topics/bf309bc8-5c3d-4ad1-bd68-0c095978cce6
"On December 16, 2024, BeyondTrust published both [an advisory](https://www.beyondtrust.com/trust-center/security-advisories/bt24-10) and patches for CVE-2024-12356, a critical unauthenticated remote code execution (RCE) vulnerability affecting the products Privileged Remote Access (PRA) and Remote Support (RS) ..."
Link: https://attackerkb.com/topics/bf309bc8-5c3d-4ad1-bd68-0c095978cce6
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-25181
Topic description: "A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. ..."
"CVE-2025-25181 is an SQL Injection vulnerability identified in the VeraCore application, specifically within the timeoutWarning endpoint ..."
Link: https://attackerkb.com/assessments/8eb75af7-8535-4adc-8a0f-97c3aeaf4ca9
Topic description: "A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. ..."
"CVE-2025-25181 is an SQL Injection vulnerability identified in the VeraCore application, specifically within the timeoutWarning endpoint ..."
Link: https://attackerkb.com/assessments/8eb75af7-8535-4adc-8a0f-97c3aeaf4ca9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-24578
Topic description: "RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/be4bcbb2-499b-40df-85ed-92de2fbec245
Topic description: "RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/be4bcbb2-499b-40df-85ed-92de2fbec245
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-53704
Topic description: "An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. ..."
"On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."
Link: https://attackerkb.com/assessments/82f8d49a-9a1d-48bd-86df-542635a5540a
Topic description: "An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. ..."
"On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."
Link: https://attackerkb.com/assessments/82f8d49a-9a1d-48bd-86df-542635a5540a
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-53704
"On January 7, 2025, [SonicWall announced](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003) an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."
Link: https://attackerkb.com/topics/a5d8a13b-f707-474b-8d3e-a885f9d0f1cd
"On January 7, 2025, [SonicWall announced](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003) an authentication bypass affecting SonicOS, the operating system used by many SonicWall appliances ..."
Link: https://attackerkb.com/topics/a5d8a13b-f707-474b-8d3e-a885f9d0f1cd
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-49113
Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability ..."
"CVE-2024-49113 is a denial-of-service (DoS) vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) ..."
Link: https://attackerkb.com/assessments/ee558a5f-bfde-4c37-8367-cc3821b0aecb
Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability ..."
"CVE-2024-49113 is a denial-of-service (DoS) vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) ..."
Link: https://attackerkb.com/assessments/ee558a5f-bfde-4c37-8367-cc3821b0aecb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-49112
Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability ..."
"CVE-2024-49112 is a critical vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service ..."
Link: https://attackerkb.com/assessments/07d80193-ab91-4495-ad6c-eeeb6ffbb112
Topic description: "Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability ..."
"CVE-2024-49112 is a critical vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service ..."
Link: https://attackerkb.com/assessments/07d80193-ab91-4495-ad6c-eeeb6ffbb112
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38134
Topic description: "Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/1666dde0-3e50-40c8-a117-96b9df707b45
Topic description: "Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/1666dde0-3e50-40c8-a117-96b9df707b45
0
0
0