Cyb3rEnthusiast

3 exploits Active since Mar 2022
CVE-2023-34039 NOMISEC CRITICAL WORKING POC
VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
3 stars
CVSS 9.8
CVE-2022-1040 NOMISEC CRITICAL STUB
Sophos Sfos < 18.5.3 - Authentication Bypass
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
1 stars
CVSS 9.8
CVE-2023-27997 NOMISEC CRITICAL NO CODE
Fortinet Fortiproxy < 1.1.6 - Out-of-Bounds Write
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
CVSS 9.8