top most exploited vulnerabilities in 2022top-10-most-exploited-vulns.webp

The most exploited vulnerabilities in 2022

Offensive security is a fast-moving space, yet some security vulnerabilities persist for years, causing problem after problem. 2023 being no exception, you can spare yourself from repetitive work by learning to find and mitigate these top 10 CVEs.

Kelyan Yesil

Published at: 16 Mar 2023

12 min read

Vulnerabilities

Thinking outside the box: 3 creative ways to exploit business logic vulnerabilities in pentests

These flaws are particularly dangerous because attackers exploit behavioral patterns by interacting with apps in different ways than intended. When exploited successfully, they cause serious disruption, including business processes impact and reputational damage.

Razvan Ionescu

Published at: 02 Mar 2023

12 min read

Read the article titled 7-zip-misconfiguration-og-1674210488.png

Vulnerabilities

Phishing a company through a 7-Zip misconfiguration

Reading about phishing can sometimes feel tedious, as many articles simply rehash the same old scenarios and prevention strategies without diving into technical details or offering anything fresh. But don't worry, we've got you covered!

Kelyan Yesil

Published at: 19 Jan 2023

8 min read

Vulnerabilities

Everything you need to know about the new OpenSSL vulnerabilities (CVE-2022-3602 & CVE-2022-3786)

Before securing systems, we need to understand what we’re trying to secure and how to do it. Today we are exploring two new vulnerabilities that got the community's attention this month. Most importantly you will learn how to patch them and how impactful they are.

Kelyan Yesil

Published at: 18 Nov 2022

10 min read

Vulnerabilities

Authenticated Magento RCE with deserialized PHAR files

Back in August 2019, I reported a security vulnerability in Magento affecting versions 2.3.2, 2.3.3, and 2.3.4 using the HackerOne bug bounty platform. The bug impacted some installations of Magento and it allowed us to gain Remote Code Execution based on the way PHAR files are deserialized and by abusing Magento’s Protocol Directives.

Alexandru Postolache

Published at: 03 Aug 2022

9 min read

Read the article titled exploit-http.sys-rce-cve-2022-3129.png

Vulnerabilities

How to exploit the HTTP.sys Remote Code Execution vulnerability (CVE-2022-21907)

Pattern recognition is what hundreds of security specialists in our community voted as the skill to cultivate for a rewarding infosec career. While we have some innate pattern recognition abilities, developing them is essential – and that’s a matter of practice. Working in offensive security gives you plenty of opportunities to do this, with new vulnerabilities ripe for close examination. So let’s go ahead and do just that while discovering how this CVE carries echoes from another vulnerability from a while back.

Stefan Iridon

Published at: 28 Feb 2022

5 min read

Read the article titled how-to-exploit-vmware-vcenter-rce-cve-2021-21985-.png

Vulnerabilities

How to exploit the VMware vCenter RCE with Pentest-Tools.com (CVE-2021-21985)

More high-risk vulnerabilities mean more work for you. The good news? You won’t be out of work anytime soon. The bad news? You’ll probably work a lot more than you anticipate. So how do you balance the good and the not-so-great? By having a replicable process for when a high-risk CVE that leads to RCE hits your targets (the likes of CVE-2021-21985).

Stefan Iridon

Published at: 25 Jan 2022

6 min read

How we detect Log4Shell on Pentest-Tools.comHow-we-detect-Log4Shell-at-pentest-tools.com.png

Security Research Vulnerabilities

How we detect and exploit Log4Shell to help you find targets using vulnerable Log4j versions

We’re breaking down our technique for detecting CVE-2021-44228 (Log4Shell) because we believe our users should understand what’s happening behind the scanners so they can avoid a false sense of security.

Adrian Furtuna

Published at: 17 Dec 2021

4 min read

Read the article titled Detect-Log4Shell-scanner.png

Vulnerabilities

Log4Shell scanner: detect and exploit Log4j CVE-2021-44228 in your network and web apps

We almost made it to a much-needed holiday break… and then Log4Shell happened.

Daniel Bechenea

Published at: 14 Dec 2021

6 min read

Read the article titled detect-cve-2021-22205-with-pentest-tools.com_.png

Vulnerabilities

Detect and exploit Gitlab CE/EE RCE with Pentest-Tools.com (CVE-2021-22205)

“Just patch it!” is the usual advice when a vulnerability hits (and it’s not a zero-day). But it’s never that simple in organizations that have to manage layers upon layers of infrastructure. When you have to deal with a critical CVE like the latest unauthenticated RCE in Gitlab (CVSSv3 10.0), the tangled, messy process of patching bubbles to the surface.

Daniel Bechenea

Published at: 05 Nov 2021

7 min read

Read the article titled rce-windows-dns-sigred-vulnerability.webp

Vulnerabilities

The 17-year-old DNS vulnerability that leads to RCE in Windows

Previously on our blog, we unpacked vulnerabilities in web applications, firewalls, SMB protocols… and now we have a DNS one.

Cristian Cornea

Published at: 17 Jul 2020

5 min read

Read the article titled bip-ip-tmui-rce-vulnerability.webp

Vulnerabilities

How to attack F5 BIG-IP using CVE-2020-5902 (TMUI RCE)

Let’s tackle a vulnerability that broke out not only in BIG-IP firewalls but also on social media! When a major issue affecting a security product emerges, it immediately makes the headlines, the paradox of the situation impossible to ignore.

Cristian Cornea

Published at: 08 Jul 2020

7 min read