koharin (Team of Mobydick)

10 exploits Active since Dec 2020
CVE-2020-29564 WRITEUP CRITICAL WRITEUP
Consul Docker <1.4.2 - Privilege Escalation
The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user. System using the Consul Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29575 WRITEUP CRITICAL WRITEUP
Elixir Docker <1.8.0-alpine - Privilege Escalation
The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29576 WRITEUP CRITICAL WRITEUP
Eggdrop <1.8.4rc2 - Privilege Escalation
The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29577 WRITEUP CRITICAL WRITEUP
znc <1.7.1-slim - Privilege Escalation
The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29578 WRITEUP CRITICAL WRITEUP
Piwik Docker <fpm-alpine - Privilege Escalation
The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.
CVSS 9.8
CVE-2020-29579 WRITEUP CRITICAL WRITEUP
Express Gateway <1.14.0 - Privilege Escalation
The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access.
CVSS 9.8
CVE-2020-29580 WRITEUP CRITICAL WRITEUP
Storm Docker <1.2.1 - Privilege Escalation
The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29581 WRITEUP CRITICAL WRITEUP
spiped <1.5-alpine - Privilege Escalation
The official spiped docker images before 1.5-alpine contain a blank password for a root user. Systems using the spiped docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29601 WRITEUP CRITICAL WRITEUP
Notary Docker <signer-0.6.1-1 - Privilege Escalation
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8
CVE-2020-29602 WRITEUP CRITICAL WRITEUP
irssi <1.1-alpine - Privilege Escalation
The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
CVSS 9.8