print("Hello, World") With hundreds of community-driven assessments of vulnerabilities and threats, AttackerKB offers a platform for analysis and discussion. Interested in contributing? Want to learn more about the latest vulnerabilities? Join us:

I examined the Zyxel firewall "authentication bypass" for @AttackerKb. CVE-2022-0342 just looks like a 2fa bypass to me. An explanation and proof of concept exploit can be found here:

I put together a short @AttackerKb for the Sophos Firewall CVE-2022-1040 issue. A test of sorts: curl --insecure -H "X-Requested-With: XMLHttpRequest" -X POST ' https://10.0.0.12/userportal/Controller?mode=8700&operation=1&datagrid=179&json=\{"🦞":"test"\}'

I've got a few @AttackerKb write-ups in the backlog for vulnerabilities I couldn't find. I've very much not enjoyed that 😅 But hopefully the extra information will help someone else. First up, Apex Central's CVE-2022-26871:

I put together an @AttackerKb for Spring4Shell. There isn't a whole lot of new stuff to say at this point. I mostly focused on the original exploit. It's a simple and known technique, but not clearly stated anywhere, I thought. 🤷‍♂️ Happy hacking!

Rapid7 analysis for #Spring4Shell CVE-2022-22965 in AttackerKB via @Junior_Baines

New assessments of CVE-2020-15099 and CVE-2022-21999 in AttackerKB via community contributor noraj and @SpaceySpacek

Metasploit module available in today's release.

Analysis of "Dirty Pipe" CVE-2022-0847 via @SpaceySpacek, including patch info and PoC

Here is the @AttackerKb analysis for CVE-2021-36260, unauthenticated command injection on Hikvision cameras. It includes a snippet of the vulnerable code, a potential way to discover compromise, and a link to pcaps. https://t.co/EWzoCxC2Ro

I wrote up CVE-2021-1585 for @AttackerKb. This unpatched vulnerability is in Cisco's ASDM, a thick client for managing Cisco ASA and the like. A MITM or an evil endpoint can execute arbitrary code on the victim host. PoC included. https://t.co/hb1yZtbfJH

Technical analysis of CVE-2021-1585 in Cisco ASDM, which allows for person-in-the-middle attacks. Disclosed in July 2021, unpatched in latest version, public exploits available. PoC and IOCs in AttackerKB.

To follow up on yesterday's tweet about PetitPotam/KB5009763, I added some notes to @AttackerKb and created a video demonstrating the failure and a patch to resolve it. https://t.co/qqIoc0m8Zj https://t.co/E6MIv6qpWC

Technical analysis for Zoho ManageEngine Desktop Central (and MSP) CVE-2021-44515, including PoC. Credit to @wvuuuuuuuuuuuuu

A handful of fresh vuln assessments for January Patch Tuesday bugs in AttackerKB this week courtesy of @tekwizz123. High-volume advisory dump, but at first glance, no easily exploitable CVEs that are *also* super useful attack targets.

Kibana CVE-2019-7609 and Oracle WebLogic Server CVE-2019-2725 have been reported as exploited in the wild per CISA.

My favorite is CVE-2021-20038, an unauthenticated stack-based buffer overflow in the web server. I wrote a fairly detailed @AttackerKb entry detailing the challenges of landing an exploit. (2/6) https://t.co/HdxQJujPh8

Today, @rapid7 disclosed five zero-day vulnerabilities in SonicWall SMA 100 series devices. Technical analysis for CVE-2021-20038 (unauth stack-based buffer overflow) and CVE-2021-20039 (auth command injection) now in AttackerKB via @Junior_Baines.

We've updated the log4j @AttackerKb Rapid7 analysis to include a VMWare Horizon proof of concept. Thanks to @rwincey for help on that! We also noted that @1ZRR4H tweeted about seeing this one in the wild. https://t.co/pjLbAQq3Ip

11 product-specific analyses Log4j vulnerability now in AttackerKB. Latest addition is PoC (and how to find IOCs) for MobileIron, which is trivially exploitable.

Recent additions to #Log4Shell analysis: - Apache JSPWiki, OFBiz, Druid vulnerable to CVE-2021-44228. PoCs and IOCs in write-up. - Our testing was unable to confirm exploitability for ManageEngine, VMware Horizon, WebLogic.