Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
helpsystems vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-36798
A Denial-of-Service (DoS) vulnerability exists in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote malicious users to crash the C2 server thread and block beacons' communication with it.
Helpsystems Cobalt Strike 4.2
Helpsystems Cobalt Strike 4.3
2 Github repositories
7.5
CVSSv2
CVE-2018-20764
A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.
Helpsystems Boks
NA
CVE-2022-39197
An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike up to and including 4.7 that allowed a remote malicious user to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then ...
Helpsystems Cobalt Strike
19 Github repositories
5
CVSSv2
CVE-2022-23317
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.
Helpsystems Cobalt Strike
NA
CVE-2022-42948
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
Helpsystems Cobalt Strike 4.7.1
NA
CVE-2021-46830
A path traversal vulnerability exists within GoAnywhere MFT prior to 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain acce...
Helpsystems Goanywhere Managed File Transfer
2.1
CVSSv2
CVE-2021-43708
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode.
Helpsystems Titus Data Classification 18.8.1910.140
NA
CVE-2021-26837
SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows malicious users to execute arbitrary code, escalate privileges, and gain sensitive information.
Fortra Delivernow
NA
CVE-2023-0669
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
Fortra Goanywhere Managed File Transfer
1 Metasploit module
6 Github repositories
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started