ssrsec

4 exploits Active since Apr 2020
CVE-2020-11651 NOMISEC CRITICAL WORKING POC
SaltStack Salt <2019.2.4,3000.2 - RCE
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions.
24 stars
CVSS 9.8
CVE-2021-26855 NOMISEC CRITICAL WORKING POC
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
3 stars
CVSS 9.1
CVE-2020-11652 VULNCHECK_XDB MEDIUM WORKING POC
SaltStack Salt < 2019.2.4 - Authenticated Path Traversal via ClearFuncs Methods
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
CVSS 6.5
CVE-2021-27065 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange Server - Remote Code Execution via ProxyLogon
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS 7.8