OffensiveOceloot

4 exploits Active since Oct 2020
CVE-2020-26130 WRITEUP HIGH WRITEUP
Open Tftp Server - Incorrect Permission Assignment
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
CVSS 7.8
CVE-2020-26131 WRITEUP HIGH WRITEUP
Open Dhcp Server - Incorrect Permission Assignment
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary.
CVSS 7.8
CVE-2020-26132 WRITEUP HIGH WRITEUP
Home DNS Server - Incorrect Permission Assignment
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
CVSS 7.8
CVE-2020-26133 WRITEUP HIGH WRITEUP
Dual Dhcp DNS Server - Incorrect Permission Assignment
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.
CVSS 7.8