CVE-2022-28219 is an unauthenticated remote code execution vulnerability affecting Zoho ManageEngine ADAudit Plus, a compliance tool used by enterprises to monitor changes to Active Directory.

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs. This vulnerability allows remote code execution as the root user.

Technical deep dive into VMware's recently patched authentication bypass vulnerability allowing an attacker to login as any known local user.

The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to provide additional insight into the vulnerability so users can begin to determine...

F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. It is simple to exploit and provides an attacker with a method to execute arbitrary system commands.

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Deep-Dive and Indicators of Compromise. This blog details the SQL injection which allows an unauthenticated attacker to access the FortiClient...

On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an...

CVE-2023-34992 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the...

Technical deep-dive and exploit POC for VMware vRealize Log Insight RCE as reported in VMSA-2023-0001. This series of vulnerabilities leads to remote code execution and full system compromise....

Veeam has recently released an advisory for CVE-2023-27532 for Veeam Backup and Replication which allows an unauthenticated user with access to the Veeam backup service (TCP 9401 by default) to...

NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.

Indicators of Compromise for ManageEngine CVE-2022-47966, a pre-authentication remote code execution vulnerability. Depending on the specific ManageEngine product, this vulnerability is exploitable...

CVE-2024-23108 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the...

POC for CVE-2022-1388. Contribute to horizon3ai/CVE-2022-1388 development by creating an account on GitHub.

CVE-2023-39143 is a critical vulnerability we disclosed to PaperCut that affects the widely used PaperCut NG/MF print management software. It affects PaperCut NG/MF running on Windows, prior to...

Revisiting CVE-2023-48788, a SQL injection in Fortinet FortiClient EMS Server. This blog details bypassing several restrictions to achieve arbitrary command execution as SYSTEM.

It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come out talking about lessons learned and ways to prevent the next...

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability assigned as CVE-2024-1709, its root cause, and indicators of compromise.

Indicators of Compromise for VMware vRealize Log Insight affected by VMSA-2023-0001. This series of vulnerabilities leads to remote code execution and full system compromise. CVE-2022-31704, CVE-20...

A technical and root cause analysis of CISA's Known Exploited Vulnerabilities from 2023.

On Tuesday, October 25 a new OpenSSL hot-fix release was announced which will patch a critical vulnerability that exists within the v3.0.X branch. OpenSSL 3.0.7 will be released on Tuesday, November...

Introduction In December 2022, we competed at our first pwn2own. We were able to successfully exploit the Lexmark MC3224i using a command injection 0-day. This post will detail the process we used to...

Contribute to horizon3ai/CVE-2021-44142 development by creating an account on GitHub.

Introduction Back in Aug. 2023 we released an advisory for CVE-2023-39143, a critical vulnerability that affects Windows installs of the PaperCut NG/MF print management software. Attackers can...

The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to provide additional insight into the vulnerability so users can begin to determine...

A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY - horizon3ai/backup_dc_registry

Mirth Connect, by NextGen HealthCare, versions prior to 4.4.1 are vulnerable to an unauthenticated RCE vulnerability, CVE-2023-43208.

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user - GitHub - Ridter/noPac: Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domai...

Understanding Log4Shell: the Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)

Sample Log4Shell (CVE-2021-44228) payloads observed in the wild by GreyNoise Intelligence - payload_samples.md

CVE-2021-44228 Apache Log4j RCE Attempts Dec 20th 9:27PM ET - CVE-2021-44228_IPs.csv

Fast and customizable vulnerability scanner based on simple YAML based DSL. - projectdiscovery/nuclei