shadow-horse

2 exploits Active since Oct 2019

CVE-2019-17571 NOMISEC CRITICAL WRITEUP

Apache Log4j <= 1.2.17 - Deserialization of Untrusted Data via SocketServer

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.

78 stars

CVSS 9.8

View Code

CVE-2019-11043 NOMISEC HIGH WORKING POC

PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, 7.3.x < 7.3.11 - Remote Code Execution via FPM Buffer Overflow

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

1 stars

CVSS 8.7

View Code