[This is a Guest Diary by William Constantino, an ISC intern as part of the SANS.edu BACS program] In the beginning of my Internet Storm Center (ISC) internship, I wasted too much time trying to build my SIEM from an old computer I had lying around, or a new Raspberry Pi I purchased. I keep…
Check Point Research uncovered an active malware campaign exploiting expired and released Discord invite links. Attackers hijacked the links through vanity link registration, allowing them to silently redirect users from trusted sources to malicious servers. The attackers combined the ClickFix phishing technique, multi-stage loaders, and time-based evasions to stealthily deliver AsyncRAT, and a customized Skuld…
# Exploit Title: RDPGuard 9.9.9 – Privilege Escalation # Discovered by: Ahmet Ümit BAYRAM # Discovered Date: 09.05.2025 # Vendor Homepage: https://rdpguard.com # Software Link: https://rdpguard.com/download.aspx # Tested Version: 9.9.9 (latest) # Tested on: Windows 10 (32bit) # # # Steps to Reproduce # # # # 1. Prepare a .bat file containing…
\n”; print “\nExample….: php $argv[0] http://localhost/invision/”; print “\nExample….: php $argv[0] https://invisioncommunity.com/\n\n”; die(); } $ch = curl_init(); $params = [“app” => “core”, “module” => “system”, “controller” => “themeeditor”, “do” => “customCss”]; curl_setopt($ch, CURLOPT_URL, $argv[1]); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); while (1) { print “\ninvision-shell# “; if (($cmd =…
# Exploit Title: Zyxel USG FLEX H series uOS 1.31 – Privilege Escalation # Date: 2025-04-23 # Exploit Author: Marco Ivaldi # Vendor Homepage: https://www.zyxel.com/ # Version: Zyxel uOS V1.31 (see https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-= =3D advisory-for-incorrect-permission-assignment-and-improper-privilege-managem= =3D ent-vulnerabilities-in-usg-flex-h-series-firewalls-04-22-2025) # Tested on: Zyxel FLEX100H with Firmware V1.31(ABXF.0) and Zyxel FLEX200H with Firmware V1.31(ABWV.0) # CVE: CVE-2025-1731 …
# Exploit Title: CrushFTP 11.3.1 – Authentication Bypass # Date: 2025-05-15 # Exploit Author: @İbrahimsql # Exploit Author’s github: https://github.com/ibrahimsql # Vendor Homepage: https://www.crushftp.com # Software Link: https://www.crushftp.com/download.html # Version: < 10.8.4, < 11.3.1 # Tested on: Ubuntu 22.04 LTS, Windows Server 2019, Kali Linux 2024.1 # CVE: CVE-2025-31161 # Description: # CrushFTP before…
# Exploit Title: Remote Keyboard Desktop 1.0.1 – Remote Code Execution (RCE) # Date: 05/17/2025 # Exploit Author: Chokri Hammedi # Vendor Homepage: https://remotecontrolio.web.app/ # Software Link: https://apps.microsoft.com/detail/9n0jw8v5sc9m?hl=neutral&gl=US&ocid=pdpshare # Version: 1.0.1 # Tested on: Windows 10 Pro Build 19045 # Start Remote Keyboard Desktop on your windows # Preparing: # # 1. Generating payload…
# Exploit Title: ABB Cylon Aspect Studio 3.08.03 – Binary Planting # Vendor: ABB Ltd. # Product web page: https://www.global.abb # Affected version: <=3.08.03 # Tested on: Microsoft Windows 10 Home (EN) OpenJDK 64-Bit Server VM Temurin-21.0.6+7 # Vulnerability discovered by Gjoko ‘LiquidWorm’ Krstic @zeroscience # Advisory ID: ZSL-2025-5952 # Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5952.php …
#!/usr/bin/env python # # # Exploit Title: ABB Cylon Aspect 3.08.03 – Guest2Root Privilege Escalation # # # Vendor: ABB Ltd. # Product web page: https://www.global.abb # Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio # Firmware: <=3.08.03 # # Summary: ASPECT is an award-winning scalable building energy management # and control solution designed to…
# Exploit Title: Java-springboot-codebase 1.1 – Arbitrary File Read # Google Dork: # Date: 23/May/2025 # Exploit Author: d3sca # Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase # Software Link: https://github.com/OsamaTaher/Java-springboot-codebase # Version: [app version] 1.1 # Tested on: Debian Linux # CVE : CVE-2025-46822 #usage: python3 cve-2025-46822.py http://victim.com /etc/passwd import argparse import requests from urllib.parse…
