www.coresecurity.com
2606:4700::6812:bcc
Public Scan
URL:
https://www.coresecurity.com/blog/core-impact-monthly-chronicle-exploits-and-updates-jan-2024
Submission: On November 14 via api from US — Scanned from US
Form analysis
0 forms found in the DOM
Text Content
CORE IMPACT MONTHLY CHRONICLE: EXPLOITS AND UPDATES | JAN 2024

One of Core Impact’s most valuable features is its certified exploit library. Fortra’s Core Security has a team of expert exploit writers who conduct research, evaluating and prioritizing the most relevant vulnerabilities in order to update the library with critical and useful exploits. Additionally, the QA team creates its own clean environment to validate each exploit before its release, to ensure that it meets our standards and is safe and ready to use.

While you can keep track of new releases through our exploit mailing list, here’s a more detailed summary of some of the most recent additions to the library.

CVE-2023-30989 – IBM PERFORMANCE TOOLS PRIVILEGE ESCALATION EXPLOIT

Authors: Marcos Accossatto and Luis García Sierra (QA)
CVSS: 7.8 HIGH
Reference: CVE-2023-30989

An improper privilege management vulnerability was discovered in IBM Performance Tools. When exploited, an authenticated local user with command line access can elevate their privileges, potentially gaining all object access to the host operating system.

This exploit allows pen testers to simulate an authenticated attacker and exploit this vulnerability by abusing the QPFR/QAVCPP program, eventually achieving full control of the compromised system and its resources.

CVE-2023-3460 – WORDPRESS ULTIMATE MEMBER PLUGIN REMOTE CODE EXECUTION EXPLOIT

Authors: Esteban Kazimirow and Arthur Lallemant (QA)
CVSS: 9.8 CRITICAL
Reference: CVE-2023-3460

A vulnerability was found in WordPress Ultimate Member, a plugin for WordPress websites that enables individuals to sign up and become members. A flaw in the plugin registration form enables malicious actors to change certain values for the account to be registered, including the "wp_capabilities" value, which determines the user's role on the website. If exploited, an unauthenticated attacker can register as an administrator and take full control of the website.

This vulnerability is actively being exploited in the wild, with as many as 200,000 WordPress websites at risk of having attackers create secret admin accounts. Users are urged to disable the plugin or immediately update to version 2.6.7, which patches the vulnerability.

Using this exploit, pen testers can imitate unauthenticated attackers to create new accounts with administrative privileges, allowing them to exfiltrate data, install malware, make unwanted changes to websites, disrupt operations, or shut down the website completely. This exploit has also now been updated to include a print in the module output window.

CVE-2023-28218 - MICROSOFT WINDOWS AFD PRIVILEGE ESCALATION EXPLOIT

Authors: Cristian Rubio and Arthur Lallemant (QA)
CVSS: 7.0 HIGH
Reference: CVE-2023-28218

A vulnerability was found in the Windows Ancillary Function Driver (AFD) for WinSock. AFD.sys is vulnerable to a double-fetch that causes an integer overflow, which can result in an out-of-bounds memory write to non-paged pool memory. If exploited, attackers could escalate privileges on the Windows operating system, potentially leading to data exfiltration, malware deployment, or complete system takeover.

Using this exploit, pen testers can simulate an unauthenticated attacker and execute arbitrary code with SYSTEM privileges by calling the WSASendMsg function with crafted parameters.

CVE-2023-22527 - ATLASSIAN CONFLUENCE OGNL INJECTION EXPLOIT

Authors: Marcos Accossatto and Arthur Lallemant (QA)
CVSS: 10.0 CRITICAL
Reference: CVE-2023-22527

A critical Server-Side Template Injection (SSTI) vulnerability was found in older versions of Confluence, a knowledge management tool from Atlassian. This vulnerability enables attackers to inject OGNL expressions, potentially allowing them to gain full control of a compromised server.

This vulnerability is being actively exploited in the wild, with thousands of attempts taking place in less than a week. Users are urged to prioritize updating to the latest instance of Confluence.

This exploit allows pen testers to imitate unauthenticated remote attackers and to execute OS system commands, allowing them to exfiltrate data, deploy malware, or otherwise disrupt business operations.

CVE-2024-0204 - FORTRA GOANYWHERE MFT INITIALACCOUNTSETUP DIRECT REQUEST VULNERABILITY CHECKER

Authors: Marcos Accossatto and Daniel De Luca (QA)
CVSS: 9.8 CRITICAL
Reference: CVE-2024-0204

An authentication bypass vulnerability was discovered in GoAnywhere MFT, Fortra’s secure managed file transfer solution. If exploited, an attacker could create an admin user via the administration portal.

There have been failed exploit attempts of this vulnerability in the wild. Though there have been no reports of successful attacks, users are urged to update to version 7.4.1, which includes a patch for this vulnerability.

This exploit allows pen testers to imitate an unauthorized attacker to generate an administrative account, enabling them to potentially exfiltrate sensitive information, deploy additional attacks, or cause critical business disruptions.
Meet the Author: PABLO ZURRO, Cybersecurity Product Manager, Core Security, by Fortra