Ixia ATI Update 2018-20 (342363)

Defects Resolved

Ticket | Info
DE9993 | Updated keywords and strike description, and fixed the malicious request for Strike E18-0ydc1: wordpress_WP_spritz_remote_file_inclusion.
DE9997 | Fixed wrong URL for Strike E06-01x01: chipmunk_guestbook_xss.
DE10006 | Deprecated strikes: E17-0dcn1, E15-72301, E14-35f02.
DE10033 | The type of the 'Response IP Address Host' parameter in the Map Response action was changed to string. Its value was set to the ##ip_addr_srv## NP token in the 'DCE RPC MAPI Session' and 'DCE RPC MAPI with File Attachment' SuperFlows.
DE10034 | Deprecated xattacker joomla strikes: E17-a8ob1, E17-cceq1, E17-fdys1, E17-nmv01.
DE10040 | Deprecated xattacker joomla strikes: E18-01ir1, E18-5ng21, E18-i8051, E18-mygl1, E18-pjc91, E18-wn9b1.

New Strikes (10)

CVSS | ID | References | Category | Info
10.0 | E18-0qlm1 | CVE-2018-9866, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), URL | Exploits | This strike exploits a remote code execution vulnerability in SonicWall Global Management System. The vulnerability is due to a lack of string sanitization when updating the system's timezone via a crafted XML file. An attacker exploiting the flaw has complete access to the system as the root user.
9.3 | E18-zq9q1 | BID-68101, CVE-2014-2782, CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C), MS14-035, URL | Exploits | This strike exploits a use-after-free vulnerability in Internet Explorer. The vulnerability is due to an attempt to use a TextArea object after it has been improperly deleted. An attacker could exploit this vulnerability by enticing a user to view a malicious web page, executing arbitrary code on the victim machine.
7.8 | D18-mboh1 | BID-105154, CVE-2018-10938, CVSS-7.8 (AV:N/AC:L/AU:N/C:N/I:N/A:C), SECURITYTRACKER-1041569, URL | Denial | This strike exploits a flaw in Linux kernels that support CIPSO extensions. The vulnerability resides in a logic error in the parsing of IP option fields, which causes an infinite loop. An attacker could produce a denial of service condition, rendering the system unavailable.
7.6 | D18-0jky2 | BID-102397, CVE-2018-0770, CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C), EXPLOITDB-44075, GOOGLE-1434 | Denial | This strike exploits a vulnerability in the Microsoft Edge browser. Specifically, the vulnerability exists in the Chakra JavaScript engine. JavaScript can be crafted in such a way that it causes a denial of service condition in the browser.
6.8 | E18-0f5i1 | BID-96767, CVE-2017-5030, CVSS-6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P), GOOGLE-682194 | Exploits | This strike exploits a vulnerability in the Google Chrome browser. Specifically, the vulnerability exists in the V8 JavaScript engine. JavaScript can be crafted in such a way that an out-of-bounds read occurs in Array.concat. This may lead to a denial of service condition in the browser, or potentially to remote code execution. This strike demonstrates the vulnerability by crashing the Google Chrome browser or by leaking heap memory.
5.5 | E18-aoal1 | CVE-2018-17128, CVSS-5.5 (AV:N/AC:L/AU:S/C:P/I:P/A:N), URL | Exploits | This strike exploits a stored cross-site scripting vulnerability in the MyBB platform. The vulnerability can be exploited by crafting a malicious video attachment when creating a new topic. By exploiting this flaw, an attacker obtains client-side JavaScript code execution within the victim's browser, which can lead to information disclosure and credential theft.
5.5 | E18-5mv51 | CVE-2018-16833, CVSS-5.5 (AV:N/AC:L/AU:S/C:P/I:P/A:N), URL | Exploits | This strike exploits a cross-site scripting vulnerability in ManageEngine's Desktop Central platform. The vulnerability can be exploited through malicious input passed via the "q" parameter of the search field. By exploiting this flaw, an attacker obtains client-side JavaScript code execution within the victim's browser, which can lead to information disclosure and credential theft.
5.5 | E18-5n6j2 | CVE-2018-17243, CVSS-5.5 (AV:N/AC:L/AU:S/C:P/I:P/A:N), URL | Exploits | This strike exploits a blind SQL injection vulnerability in ManageEngine's OpManager application. The vulnerability is present in the global search input field as a result of insufficient user input sanitization. As a result, an attacker may be able to read arbitrary database records or even access system files, depending on the database's configuration.
4.3 | E18-5lvi1 | CVE-2018-15550, CVSS-4.3 (AV:N/AC:M/AU:N/C:N/I:P/A:N), URL | Exploits | This strike exploits a stored cross-site scripting vulnerability in Supervene RazDC. The vulnerability is due to the lack of sanitization of user-supplied input in the 'save_user.cgi' form while parsing input passed to various HTTP parameters. By exploiting this vulnerability, a remote, unauthenticated attacker can execute arbitrary OS commands on the target server.
4.3 | E18-0f5s3 | BID-96767, CVE-2017-5040, CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N), GOOGLE-691323 | Exploits | This strike exploits a vulnerability in the Google Chrome browser. Specifically, the vulnerability exists in the V8 JavaScript engine. JavaScript can be crafted in such a way that, when Array.indexOf is called, properties of the array can be changed and certain values in memory can be disclosed to the user.

Modified Strikes (2)

CVSS | ID | References | Category | Info
10.0 | E18-0yes1 | CVE-2018-7573, CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C), EXPLOITDB-44596 | Exploits | Updated keywords and strike description. Added a new variant which should start a 'notepad' process on the client connecting to the FTP server.
7.5 | E18-0jyu1 | BID-103696, CVE-2018-1270, CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P), URL | Exploits | Added 1-arm support; the strike can now be run against a real target with a specific setup.