This archive contains all of the 140 exploits added to Packet Storm in January, 2024.
0e14cf0fdd25357c9137c6b5c8c80825739331f606188ff46569d1155f2fac8dXenForo versions 2.2.13 and below suffer from a zip slip filename traversal vulnerability in ArchiveImport.php.
5deccbdac2cfe207ec995833b611569397b53b3acedb61fbd211edfe7bb16b0dTELSAT marKoni FM Transmitter version 1.9.5 allows an unauthorized user to change passwords.
1a66ae97399735bad2659eadafe4e686cf03efee1ac0274553f2b7dbf758023dTELSAT marKoni FM Transmitter version 1.9.5 implements client-side restrictions that can be bypassed by editing the HTML source page that enable administrative operations.
83533dbc84d20eb18eca133e9837ec480db912786b98b95f7685d6c1337c524cTELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account factory that has the hardcoded password inokram25 that allows full access to the web management interface configuration.
4ca01a27bd0ca6409f7d71dc7c9c036577b1fa85f80f0723476544a5ed69de48TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to gain unauthorized access to the system with administrative privileges by exploiting the url parameter in the HTTP GET request to ekafcgi.fcgi.
46341d10fda6afba8c75a394bb4b32d1f7ec8fe113f6eab57560a1e8d79ab38aQualys discovered a heap-based buffer overflow in the GNU C Library's __vsyslog_internal() function, which is called by both syslog() and vsyslog(). This vulnerability was introduced in glibc 2.37 (in August 2022).
848273d3a06e2a275e111a84edea6cdd3e2e29de8b47a4efd45b2d0d9c53c768Qualys discovered a memory corruption in the glibc's qsort() function, due to a missing bounds check. To be vulnerable, a program must call qsort() with a nontransitive comparison function (a function cmp(int a, int b) that returns (a - b), for example) and with a large number of attacker-controlled elements (to cause a malloc() failure inside qsort()). They have not tried to find such a vulnerable program in the real world. All glibc versions from at least September 1992 (glibc 1.04) to the current release (glibc 2.38) are affected, but the glibc's developers have independently discovered and patched this memory corruption in the master branch.
f022f88e03996ad79c15bbc5396c143469581fda50195569cb1d3981ecc6fad8Trojan.Win32 BankShot malware suffers from a buffer overflow vulnerability.
2b3c4192b5308c166c2374b9f23ce4208ceaa4819ae053e8b33695622996db4aWar-FTPD version 1.65 remote denial of service exploit.
22f39f8f63064cd1849310c3eac793882db81d3f683dc43c7173eddde1a39ef0Solar FTP Server version 2.1.1 remote denial of service exploit.
9a8b87b9f674b48dc76c06c221a62e6cfd9cba97b7de68aeba315327728d8965A vulnerability exists within Mirth Connect due to its mishandling of deserialized data. This vulnerability can be leveraged by an attacker using a crafted HTTP request to execute OS commands within the context of the target application. The original vulnerability was identified by IHTeam and assigned CVE-2023-37679. Later, researchers from Horizon3.ai determined the patch to be incomplete and published a gadget chain which bypassed the deny list that the original had implemented. This second vulnerability was assigned CVE-2023-43208 and was patched in Mirth Connect version 4.4.1. This Metasploit module has been tested on versions 4.1.1, 4.3.0 and 4.4.0.
c858fd93ded0a54a221c8cbb76027c1a54979c692f2f5ec5173f8b90a63ff30fWS_FTP Server version 5.0.5 remote denial of service exploit.
b0ae7d2a65c936ec4e7b7587622a4bd90c91fed914ec8e7ea7930992434fb955httpdx version 1.5.1 remote denial of service exploit.
f093dce9ee3f2b8a6cf3ed4f50eef65f5d1900f0d7ff32ae945e4442a76dec6eReprise License Manager version 15.1 suffers from privilege escalation and arbitrary file write vulnerabilities.
2669c288e5683c8a006f078e5ae5297acd03bfda85f3962dd30fa641023dadbbJenkins versions 2.441 and below and LTS 2.426.3 and below remote arbitrary file read proof of concept exploit written in Python.
4fdefdc8a91925284359a1beec765f58e6f6a5a76aa3e27c5a5a2fb4ba6cd562Jenkins versions 2.441 and LTS 2.426.3 arbitrary file read scanner.
0a161df23c6bac97a5923092b79fd307c231d11a8c0ec701df49569cfd362dfcCSZCMS version 1.3.0 suffers from a remote SQL injection vulnerability in the admin flows.
ae0da5ea3e511b33cc9334f738b7b17c7cb166561b48d4de7d469531e1996b5dPrommetriX is a tool that demonstrates a data leakage vulnerability in the Prometheus metrics-based event monitoring software.
27d0180963b74fcbd5831b059fa52142445e0ab684e71e634dffdf199cf1742eInteractive Floor Plan version 1.0 suffers from a cross site scripting vulnerability.
696171fac915ad8521ab878bf8dd8496a69db4eedb1b4fe9f216fbfde57545ecChrome version 121 suffers from a javascript fork malloc vulnerability that indicates memory corruption upon crash.
c5fe58fff9338fa2b857b94610a42def7f40d9f7d58140b30fcf25e66b5a7686PHPJ Callback Widget version 1.0 suffers from a persistent cross site scripting vulnerability.
5a4188d904853b282526ec16d8c5d6f9a6a772e2951744e041fdfe4a31e26fedXitami version 2.5b4 remote denial of service exploit.
b351dc9e48a6aed313bf19e6e490bc5237d5dac13546a53e1865579f3eca6b32Seattle Lab Mail version 5.5 remote denial of service exploit.
1d1265463922407257de4670840f98790c33cd76fae48b4cc0775131f8f5beb6PSOProxy version 0.91 remote denial of service exploit.
2f3c83caeda85abed2f2a0b62a022cc02ccb6f905cb9d2a78c56a7b3ee58e490
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed