illdeed

4 exploits Active since Apr 2024
CVE-2025-20281 NOMISEC CRITICAL WORKING POC
Cisco Identity Services Engine - Unauthenticated Remote Code Execution via API Request
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
5 stars
CVSS 10.0
CVE-2025-47812 NOMISEC CRITICAL WORKING POC
Wing FTP Server NULL-byte Authentication Bypass (CVE-2025-47812)
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
CVSS 10.0
CVE-2025-32463 NOMISEC CRITICAL WORKING POC
Sudo <1.9.17p1 - Privilege Escalation
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
CVSS 9.3
CVE-2024-4040 NOMISEC CRITICAL WORKING POC
CrushFTP < 10.7.1 - Unauthenticated Server-Side Template Injection
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
CVSS 9.8