missing0x00

3 exploits Active since Sep 2020
CVE-2020-26061 NOMISEC HIGH WORKING POC
Clickstudios Passwordstate < 8.5 - Missing Authentication
ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted HTTP request to the /account/ResetPassword page to set a new password for any registered user.
CVSS 7.5
CVE-2018-5353 NOMISEC CRITICAL WRITEUP
Zoho ManageEngine ADSelfService Plus <5.5.5517 - Privilege Escalation
The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required
CVSS 9.8
CVE-2018-5354 NOMISEC HIGH WRITEUP
ANIXIS Password Reset Client <3.22 - RCE
The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP.
CVSS 8.8