A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances.
https://github.com/CEOrbey/CVE-2022-36804-MASS-RCE
https://github.com/CEOrbey/CVE-2022-36804-MASS-RCE
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field
https://github.com/rftg1000/CVE-2022-32548-RCE-POC
https://github.com/rftg1000/CVE-2022-32548-RCE-POC
Another Windows Local Privilege Escalation from Service Account to System
https://github.com/antonioCoco/JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
#LPE #Windows
https://github.com/antonioCoco/JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
#LPE #Windows
GitHub
GitHub - antonioCoco/JuicyPotatoNG: Another Windows Local Privilege Escalation from Service Account to System
Another Windows Local Privilege Escalation from Service Account to System - GitHub - antonioCoco/JuicyPotatoNG: Another Windows Local Privilege Escalation from Service Account to System
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
https://github.com/D1rkMtr/FilelessRemotePE
https://github.com/D1rkMtr/FilelessRemotePE
The OWASSRF + TabShell exploit chain (CVE-2022-41076)
detailes:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
POC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#Tabshell #exchange
detailes:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
POC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#Tabshell #exchange
Invicti-Professional-v23-1-0-Pwn3rzs-CyberArsenal.rar
278.1 MB
Password:Pwn3rzs