sinsinology

15 exploits Active since Mar 2022
CVE-2023-20887 NOMISEC CRITICAL WORKING POC
VMware Aria Operations for Networks (vRealize Network Insight) pre-authenticated RCE
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
232 stars
CVSS 9.8
CVE-2023-34039 NOMISEC CRITICAL WORKING POC
VMware Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
96 stars
CVSS 9.8
CVE-2024-29849 NOMISEC CRITICAL WORKING POC
Veeam Backup Enterprise Manager - Auth Bypass
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to the Enterprise Manager web interface.
89 stars
CVSS 9.8
CVE-2024-1800 GITHUB CRITICAL python WORKING POC
Progress Telerik Report Server - Insecure Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
78 stars
CVSS 9.9
CVE-2024-4358 NOMISEC CRITICAL WORKING POC
Telerik Report Server Auth Bypass and Deserialization RCE
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
78 stars
CVSS 9.8
CVE-2024-6670 NOMISEC CRITICAL WORKING POC
WhatsUp Gold SQL Injection (CVE-2024-6670)
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the user's encrypted password.
35 stars
CVSS 9.8
CVE-2024-29855 NOMISEC CRITICAL WORKING POC
Veeam Recovery Orchestrator - Auth Bypass
A hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator.
20 stars
CVSS 9.0
CVE-2024-29847 NOMISEC CRITICAL WRITEUP
Ivanti EPM <2022 SU6-2024 September - Code Injection
Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.
18 stars
CVSS 9.8
CVE-2024-4885 NOMISEC CRITICAL WORKING POC
Progress WhatsUp Gold < 23.1.3 - Path Traversal
WhatsUp Gold versions released before 2023.1.3 contain an unauthenticated Remote Code Execution vulnerability. WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges.
17 stars
CVSS 9.8
CVE-2024-5009 NOMISEC HIGH WORKING POC
Progress WhatsUp Gold < 23.1.3 - Improper Privilege Management
In WhatsUp Gold versions released before 2023.1.3, an Improper Access Control vulnerability in Wug.UI.Controllers.InstallController.SetAdminPassword allows local attackers to modify the admin's password.
13 stars
CVSS 8.4
CVE-2024-4883 NOMISEC CRITICAL WORKING POC
Progress WhatsUp Gold < 23.1.3 - Command Injection
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve RCE as a service account through NmApi.exe.
11 stars
CVSS 9.8
CVE-2022-26503 NOMISEC HIGH WRITEUP
Veeam Agent for Windows <5.x - Code Injection
Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges.
11 stars
CVSS 7.8
CVE-2024-4358 METASPLOIT CRITICAL ruby WORKING POC
Telerik Report Server Auth Bypass and Deserialization RCE
In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.
CVSS 9.8
CVE-2024-1800 METASPLOIT CRITICAL ruby WORKING POC
Progress Telerik Report Server - Insecure Deserialization
In Progress® Telerik® Report Server versions prior to 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
CVSS 9.9
CVE-2023-34039 METASPLOIT CRITICAL ruby WORKING POC
VMware Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
CVSS 9.8