This archive contains all 140 exploits added to Packet Storm in January 2024.
0e14cf0fdd25357c9137c6b5c8c80825739331f606188ff46569d1155f2fac8d
XenForo versions 2.2.13 and below suffer from a zip slip filename traversal vulnerability in ArchiveImport.php.
5deccbdac2cfe207ec995833b611569397b53b3acedb61fbd211edfe7bb16b0d
TELSAT marKoni FM Transmitter version 1.9.5 allows an unauthorized user to change passwords.
1a66ae97399735bad2659eadafe4e686cf03efee1ac0274553f2b7dbf758023d
TELSAT marKoni FM Transmitter version 1.9.5 implements client-side restrictions that can be bypassed by editing the page's HTML source, which enables administrative operations.
83533dbc84d20eb18eca133e9837ec480db912786b98b95f7685d6c1337c524c
TELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account named factory with the hardcoded password inokram25, which allows full access to the web management interface configuration.
4ca01a27bd0ca6409f7d71dc7c9c036577b1fa85f80f0723476544a5ed69de48
TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to gain unauthorized access to the system with administrative privileges by exploiting the url parameter in the HTTP GET request to ekafcgi.fcgi.
46341d10fda6afba8c75a394bb4b32d1f7ec8fe113f6eab57560a1e8d79ab38a
Qualys discovered a heap-based buffer overflow in the GNU C Library's __vsyslog_internal() function, which is called by both syslog() and vsyslog(). This vulnerability was introduced in glibc 2.37 (in August 2022).
848273d3a06e2a275e111a84edea6cdd3e2e29de8b47a4efd45b2d0d9c53c768
Qualys discovered a memory corruption in glibc's qsort() function, due to a missing bounds check. To be vulnerable, a program must call qsort() with a nontransitive comparison function (a function cmp(int a, int b) that returns (a - b), for example) and with a large number of attacker-controlled elements (to cause a malloc() failure inside qsort()). They have not tried to find such a vulnerable program in the real world. All glibc versions from at least September 1992 (glibc 1.04) to the current release (glibc 2.38) are affected, but the glibc developers have independently discovered and patched this memory corruption in the master branch.
f022f88e03996ad79c15bbc5396c143469581fda50195569cb1d3981ecc6fad8
Trojan.Win32 BankShot malware suffers from a buffer overflow vulnerability.
2b3c4192b5308c166c2374b9f23ce4208ceaa4819ae053e8b33695622996db4a
War-FTPD version 1.65 remote denial of service exploit.
22f39f8f63064cd1849310c3eac793882db81d3f683dc43c7173eddde1a39ef0
Solar FTP Server version 2.1.1 remote denial of service exploit.
9a8b87b9f674b48dc76c06c221a62e6cfd9cba97b7de68aeba315327728d8965
A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and assigned CVE-2023-37679. Later, researchers from Horizon3.ai determined the patch to be incomplete and published a gadget chain which bypassed the deny list that the original had implemented. This second vulnerability was assigned CVE-2023-43208 and was patched in Mirth Connect version 4.4.1. This Metasploit module has been tested on versions 4.1.1, 4.3.0 and 4.4.0.
c858fd93ded0a54a221c8cbb76027c1a54979c692f2f5ec5173f8b90a63ff30f
WS_FTP Server version 5.0.5 remote denial of service exploit.
b0ae7d2a65c936ec4e7b7587622a4bd90c91fed914ec8e7ea7930992434fb955
httpdx version 1.5.1 remote denial of service exploit.
f093dce9ee3f2b8a6cf3ed4f50eef65f5d1900f0d7ff32ae945e4442a76dec6e
Reprise License Manager version 15.1 suffers from privilege escalation and arbitrary file write vulnerabilities.
2669c288e5683c8a006f078e5ae5297acd03bfda85f3962dd30fa641023dadbb
Jenkins versions 2.441 and below and LTS 2.426.3 and below remote arbitrary file read proof of concept exploit written in Python.
4fdefdc8a91925284359a1beec765f58e6f6a5a76aa3e27c5a5a2fb4ba6cd562
Jenkins versions 2.441 and LTS 2.426.3 arbitrary file read scanner.
0a161df23c6bac97a5923092b79fd307c231d11a8c0ec701df49569cfd362dfc
CSZCMS version 1.3.0 suffers from a remote SQL injection vulnerability in the admin flows.
ae0da5ea3e511b33cc9334f738b7b17c7cb166561b48d4de7d469531e1996b5d
PrommetriX is a tool that demonstrates a data leakage vulnerability in the Prometheus metrics-based event monitoring software.
27d0180963b74fcbd5831b059fa52142445e0ab684e71e634dffdf199cf1742e
Interactive Floor Plan version 1.0 suffers from a cross site scripting vulnerability.
696171fac915ad8521ab878bf8dd8496a69db4eedb1b4fe9f216fbfde57545ec
Chrome version 121 suffers from a JavaScript fork malloc vulnerability that indicates memory corruption upon crash.
c5fe58fff9338fa2b857b94610a42def7f40d9f7d58140b30fcf25e66b5a7686
PHPJ Callback Widget version 1.0 suffers from a persistent cross site scripting vulnerability.
5a4188d904853b282526ec16d8c5d6f9a6a772e2951744e041fdfe4a31e26fed
Xitami version 2.5b4 remote denial of service exploit.
b351dc9e48a6aed313bf19e6e490bc5237d5dac13546a53e1865579f3eca6b32
Seattle Lab Mail version 5.5 remote denial of service exploit.
1d1265463922407257de4670840f98790c33cd76fae48b4cc0775131f8f5beb6
PSOProxy version 0.91 remote denial of service exploit.
2f3c83caeda85abed2f2a0b62a022cc02ccb6f905cb9d2a78c56a7b3ee58e490