Horizon3.ai Attack Team - Security Researcher - Exploit Intelligence Platform

CVE-2022-31704 METASPLOIT CRITICAL ruby WORKING POC

Vmware Vrealize Log Insight < 4.8 - Improper Access Control

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

CVSS 9.8

View Code

CVE-2022-31706 METASPLOIT CRITICAL ruby WORKING POC

Vmware Vrealize Log Insight < 4.8 - Path Traversal

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

CVSS 9.8

View Code

CVE-2022-31706 VULNCHECK_XDB CRITICAL WORKING POC

Vmware Vrealize Log Insight < 4.8 - Path Traversal

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

CVSS 9.8

View Code

CVE-2022-31704 VULNCHECK_XDB CRITICAL WORKING POC

Vmware Vrealize Log Insight < 4.8 - Improper Access Control

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.

CVSS 9.8

View Code

CVE-2022-31711 VULNCHECK_XDB MEDIUM WORKING POC

Vmware Vrealize Log Insight < 4.8 - Information Disclosure

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.

CVSS 5.3

View Code

CVE-2024-29847 INTHEWILD CRITICAL WORKING POC

Ivanti EPM <2022 SU6-2024 September - Code Injection

Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.

CVSS 9.8

View Code

CVE-2022-31711 METASPLOIT MEDIUM ruby WORKING POC

Vmware Vrealize Log Insight < 4.8 - Information Disclosure

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.

CVSS 5.3

View Code