Skip to content
Exodus Intelligence
  • Blog
    • Exploit Techniques
    • News
    • Training
    • Vulnerability Analysis
    • Other
  • Offerings
  • Company
  • Capabilities
  • Training
  • Advisories

CloudLinux LVE kernel module (kmod-lve) Reference Counter Overflow

January 13, 2023 No Comments

EIP-ad32d249 A local privilege escalation vulnerability exists in the CloudLinux Lightweight Virtualized Environment (LVE) kernel module due to an overflow of a reference counter. Successful exploitation

Read More »

SonicWall SMA 500v and SMA 100 Series Firmware Heap Buffer Overflow

January 12, 2023 No Comments

EIP-6a6472ab A remote code execution vulnerability exists in SonicWall SMA 100 Series and SMA 500v Series due to a heap buffer overflow in the ‘extensionsetting’

Read More »

Schneider Electric SoMachine HVAC ActiveX Control Information Disclosure Vulnerability

January 12, 2023 No Comments

EIP-50a1e402 An information disclosure vulnerability exists in Schneider Electric SoMachine HVAC due to a method in the ‘AxEditGrid3.ocx’ ActiveX control leaking a heap address of

Read More »

TP-Link WA850RE Unauthenticated Configuration Disclosure Vulnerability

June 23, 2022 No Comments

EIP-9098806c A vulnerability exists within the httpd server of the TP-Link WA850RE Universal Wi-Fi Range Extender that allows remote unauthenticated attackers to download the configuration

Read More »

TP-Link WA850RE Remote Command Injection Vulnerability

June 23, 2022 No Comments

EIP-7758d2d4 A vulnerability exists within the httpd server of the TP-Link WA850RE Universal Wi-Fi Range Extender that allows authenticated attackers to inject arbitrary commands as

Read More »

TP-Link WR940N/WR941ND Uninitialized Pointer Vulnerability

June 23, 2022 No Comments

EIP-9ad27c94 An uninitialized pointer vulnerability exists within TP-Link’s WR940N and WR941ND SOHO router devices specifically during the processing of UPnP/SOAP SUBSCRIBE requests. Successful exploitation allow

Read More »

Mitel Web Management Interface Buffer Overflow Vulnerability

June 9, 2022 No Comments

EIP-c4542e4d A stack-based buffer overflow vulnerability exists within multiple Mitel product web management interfaces, including the 3300 Controller and MiVoice Business product lines. Improper handling

Read More »

SalesAgility SuiteCRM ‘deleteAttachment’ Type Confusion Vulnerability

June 9, 2022 No Comments

EIP-0077b802 A type confusion vulnerability exists within SalesAgility SuiteCRM within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated

Read More »

SalesAgility SuiteCRM ‘export’ Request SQL Injection Vulnerability

June 9, 2022 No Comments

EIP-0f5d2d7f A SQL injection vulnerability exists within SalesAgility SuiteCRM within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated

Read More »

D-Link DIR-1260 GetDeviceSettings Pre-Auth Command Injection Vulnerability

May 11, 2022 No Comments

EIP-3b20d7b3 A command injection vulnerability exists within the web management interface of the D-Link DIR-1260 Wi-Fi router that allows for unauthenticated attackers to execute arbitrary

Read More »

Advantech iView ztp_search_value Parameter SQL Injection Remote Code Execution Vulnerability

March 1, 2022 No Comments

EIP-b4311e44 A vulnerability exists within Advantech iView SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability

Read More »

Advantech iView data Parameter SQL Injection Information Disclosure Vulnerability

March 1, 2022 No Comments

EIP-d835f368 A vulnerability exists within Advantech iView SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability

Read More »

Advantech iView search_term Parameter SQL Injection Remote Code Execution Vulnerability

March 1, 2022 No Comments

EIP-626345ce A vulnerability exists within Advantech iView SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability

Read More »

Advantech iView getInventoryReportData Parameter SQL Injection Information Disclosure Vulnerability

March 1, 2022 No Comments

EIP-62f7da8c A vulnerability exists within Advantech iView SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability

Read More »

Advantech iView ztp_config_id Parameter SQL Injection Information Disclosure Vulnerability

March 1, 2022 No Comments

EIP-824d14ae A vulnerability exists within Advantech iView SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability

Read More »

Xerox DocuShare AMI Pro File Parsing Stack Overflow Vulnerability

February 23, 2022 No Comments

EIP-db4e064b A stack-based buffer overflow vulnerability exists within Xerox DocuShare. Exploitation of the vulnerability allows for attackers to execute arbitrary code with system privileges. The

Read More »

Xerox DocuShare WordPerfect Parsing Stack Overflow Vulnerability

February 23, 2022 No Comments

EIP-c728d1ef A stack-based buffer overflow vulnerability exists within Xerox DocuShare. Exploitation of the vulnerability allows for attackers to execute arbitrary code with system privileges. The

Read More »

Xerox DocuShare AMI Pro p-tag Parsing Stack Overflow Vulnerability

February 23, 2022 No Comments

EIP-6185db3e A stack-based buffer overflow vulnerability exists within Xerox DocuShare. Exploitation of the vulnerability allows for attackers to execute arbitrary code with system privileges. The

Read More »

ZyXEL Armor Cross-Site Request Forgery Vulnerability

February 22, 2022 No Comments

EIP-521a3b40 A cross-site request forgery vulnerability exists within the ZyXEL Armor Z1 AC2350 and Z2 AC2600 series. Exploitation of the vulnerability allows for attackers to

Read More »

ZyXEL Armor Photobak Command Injection Vulnerability

February 22, 2022 No Comments

EIP-c624ba9f A command-injection vulnerability exists within the ZyXEL Armor Z1 AC2350 series. The vulnerable endpoint is within the ‘photobak’ component found in the cgi-bin. Exploitation

Read More »

Zlibc Environment Variable Handling Local Privilege Escalation Vulnerability

February 2, 2022 No Comments

EIP-1a8a439f A vulnerability exists in Zlibc that allows a local attacker to execute arbitrary code with elevated privileges through manipulation of the LD_ZLIB_CONFFILE and LD_ZLIB_UNCOMPRESSOR

Read More »

Arris SURFboard SSDP Command Injection Vulnerability

February 2, 2022 No Comments

EIP-55f127ea A vulnerability exists within Arris SURFboard’s handling of Simple Service Discovery Protocol (SSDP) messages. A specially crafted NOTIFY message with a LOCATION header can

Read More »

LiveAction LiveNX AWS Credential Disclosure Vulnerability

January 19, 2022 No Comments

EIP-7d4ec9e3 Several versions of LiveAction LiveNX network monitoring software contain Amazon Web Services (AWS) credentials. These credentials have privileged access to the LiveAction AWS infrastructure. A

Read More »

UltraVNC Viewer VNC client RFB SolidColor Arbitrary Write Vulnerability

December 16, 2021 No Comments

EIP-0e1ca3ec A vulnerability exists within UltraVNC’s “vncviewer.exe” client. A malicious server can trigger an arbitrary memory write condition through a flaw in the function ClientConnection::SolidColor

Read More »

UltraVNC Viewer VNC client RFB rfbServerInitMsg Heap Overflow Vulnerability

December 16, 2021 No Comments

EIP-0e1ca3ec A vulnerability exists within UltraVNC’s “vncviewer.exe” client. Specifically a malicious server may write arbitrary data to arbitrary memory locations through the  in the “rfbServerInitMsg”

Read More »

UltraVNC Viewer VNC client RFB ReadUltraRect Heap Overflow Vulnerability

December 16, 2021 No Comments

EIP-930b0ea5 A vulnerability exists within UltraVNC’s “vncviewer.exe” client. Specifically a heap overflow can be triggered in the “ClientConnection::ReadUltraRect” function upon decompression of malicious formatted data

Read More »

UltraVNC Viewer VNC client Remote Memory Leak Vulnerability

December 2, 2021 No Comments

EIP-5182fb5b A vulnerability exists within UltraVNC view due to a lack of proper stack memory buffer cleanup before constructing the ‘rfbTextChat’ message, which results in

Read More »

NEC EXPRESSCLUSTER X Transaction Server 0x32 File Read Vulnerability

October 31, 2021 No Comments

EIP-852fe633 An arbitrary file read vulnerability has been found in NEC EXPRESSCLUSTER X that can allow an attacker to read files off the target system.

Read More »

NEC EXPRESSCLUSTER X Web Manager File Upload Vulnerability

October 31, 2021 No Comments

EIP-d8554689 An arbitrary file upload vulnerability has been found in NEC EXPRESSCLUSTER X. WebManager (clpwebmc.exe) is a webserver tasked with providing remote administrative access, it

Read More »

NEC EXPRESSCLUSTER X Web Manager Command Execution Vulnerability

October 31, 2021 No Comments

EIP-9eccc486 A remote command execution vulnerability has been found in NEC EXPRESSCLUSTER X. WebManager (clpwebmc.exe) is a webserver tasked with providing remote administrative access, it

Read More »

NEC EXPRESSCLUSTER X Old API Server 0x1D Stack Overflow Vulnerability

October 31, 2021 No Comments

EIP-2ba7cebd A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The

Read More »

NEC EXPRESSCLUSTER X Transaction Server 0x32 Stack Overflow Vulnerability

October 31, 2021 No Comments

EIP-5f2cf48c A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The

Read More »

NEC EXPRESSCLUSTER X Transaction Server 0x3A Stack Overflow Vulnerability

October 31, 2021 No Comments

EIP-fba18752 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The

Read More »

NEC EXPRESSCLUSTER X Disk Agent 0x104 Stack Overflow Vulnerability

October 31, 2021 No Comments

EIP-8b0cfb43 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The

Read More »

NEC EXPRESSCLUSTER X Disk Agent 0x103 Stack Overflow Vulnerability

October 31, 2021 No Comments

EIP-ff1ca610 A stack-based buffer overflow has been found in NEC EXPRESSCLUSTER X that can lead to remote arbitrary code execution with full SYSTEM privileges. The

Read More »

SolarWinds Serv-u File Server Command Injection Vulnerability

September 27, 2021 No Comments

EIP-d3400c52 The Serv-U File Server supports site specific commands which may not be universally supported by all FTP clients. Among these is the SITE EXEC command

Read More »

McAfee DLP Agent Stack Buffer Overflow Remote Code Execution Vulnerability

September 17, 2021 No Comments

EIP-035220ca The vulnerability affects both Data Loss Prevention (DLP) Endpoint for Windows and the DLP Discover products from McAfee. The vulnerability is present within the included

Read More »

Adobe Acrobat Reader Base URI Unicode String Heap Buffer Overflow Vulnerability

September 17, 2021 No Comments

EIP-47ea5148 A heap buffer overflow vulnerability exists in the IA32.api module of Adobe Acrobat and Acrobat Reader DC. Upon parsing a specially crafted PDF document

Read More »

Foxit PhantomPDF ConvertToPDF Arbitrary File Write Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-884255a1 The vulnerability exists within an RPC interface listening on TCP port 6000, exposed by Foxit PhantomPDF. The ConvertToPDF method of the Creator object does

Read More »

Foxit PhantomPDF CombineFiles Arbitrary File Write Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-adf3136a The vulnerability exists within an RPC interface listening on TCP port 6000, exposed by Foxit PhantomPDF. The CombineFiles method of the Creator object does

Read More »

Foxit PhantomPDF ConnectedPDF DocSearch_Locator_Table SQL Injection Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-68b878c6 The vulnerability exists within the ConnectedPDF service, implemented by the FoxitPhantomConnectedPDFService.exe binary. The service listens for connections on TCP port 44440 on localhost and

Read More »

Foxit PhantomPDF ConnectedPDF ConnectedPDF_DRM_Table SQL Injection Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-962d432f The vulnerability exists within the ConnectedPDF service, implemented by the FoxitPhantomConnectedPDFService.exe binary. The service listens for connections on TCP port 44440 on localhost and

Read More »

Foxit PhantomPDF ConnectedPDF DocUpdate_Notify_Table SQL Injection Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-6eceec3d The vulnerability exists within the ConnectedPDF service, implemented by the FoxitPhantomConnectedPDFService.exe binary. The service listens for connections on TCP port 44440 on localhost and

Read More »

Foxit PhantomPDF extractPages Arbitrary File Write Remote Code Execution Vulnerability

August 24, 2021 No Comments

EIP-a5cba843 The vulnerability exists within the JavaScript PDF API exposed by Foxit PhantomPDF. The extractPages method of the Document object does not properly validate the

Read More »

Foxit PhantomPDF loadHtmlView Context Level Bypass Vulnerability

August 23, 2021 No Comments

EIP-617871b4 The vulnerability exists within the JavaScript PDF API exposed by Foxit PhantomPDF. The loadHtmlView method of the app object invokes attacker-controlled JavaScript code in

Read More »
  • August 2021
  • September 2021
  • October 2021
  • November 2021
  • December 2021
  • January 2022
  • February 2022
  • March 2022
  • April 2022
  • May 2022
  • June 2022
  • July 2022
  • August 2022
  • September 2022
  • October 2022
  • November 2022
  • December 2022
  • January 2023
  • February 2023
  • March 2023
Menu
  • August 2021
  • September 2021
  • October 2021
  • November 2021
  • December 2021
  • January 2022
  • February 2022
  • March 2022
  • April 2022
  • May 2022
  • June 2022
  • July 2022
  • August 2022
  • September 2022
  • October 2022
  • November 2022
  • December 2022
  • January 2023
  • February 2023
  • March 2023

Intelligence

  • Zero-Day
  • N-Day
  • Training

Support

  • Resources
  • Blog
  • FAQ

Company

  • Why Exodus?
  • About
  • Careers

Copyright 2021 Exodus Intelligence