OffensiveOceloot

4 exploits Active since Oct 2020
CVE-2020-26130 WRITEUP HIGH WRITEUP
Open TFTP Server 1.66 - Incorrect Permission Assignment for Critical Resource
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
CVSS 7.8
CVE-2020-26131 WRITEUP HIGH WRITEUP
Open DHCP Server 1.75 and Open DHCP Server (LDAP Based) 0.1Beta - Privilege Escalation via Binary Replacement
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary.
CVSS 7.8
CVE-2020-26132 WRITEUP HIGH WRITEUP
Home DNS Server 0.10 - Unauthenticated Privilege Escalation via Binary Replacement
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
CVSS 7.8
CVE-2020-26133 WRITEUP HIGH WRITEUP
Dual DHCP DNS Server 7.40 - Privilege Escalation via Executable Replacement
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.
CVSS 7.8