9.8
CVSSv3

CVE-2018-6892

Published: 11/02/2018 Updated: 21/11/2024

Vulnerability Summary

An issue exists in CloudMe prior to 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cloudme sync

Exploits

# Exploit Title: Cloudme 19 - Buffer Overflow (DEP) (Metasploit) # Date: 2018-08-13 # Exploit Author: Raymond Wellnitz # Vendor Homepage: wwwcloudmecom # Version: 18x/19x # Tested on: Windows 7 x64 # CVE : 2018-6892 ## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/meta ...
# Exploit Title: CloudMe Sync v1112 Buffer Overflow - WoW64 - (DEP Bypass) # Date: 24012019 # Exploit Author: Matteo Malvica # Vendor Homepage:wwwcloudmecom/en # Software: wwwcloudmecom/downloads/CloudMe_1112exe # Category: Remote # Contact:twittercom/matteomalvica # Version: CloudMe Sync 1112 # Tested on: Window ...
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::Remote::Seh def initialize(info = {}) super(update_info(info, 'Nam ...
[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-OVERFLOWtxt [+] ISR: Apparition Security [+] SSD Beyond Security Submission: blogssecuriteamcom/indexphp/archives/3669 Vendor: ============= wwwclo ...
CloudMe Sync version 1112 buffer overflow exploit with egghunter ...
CloudMe Sync version 1112 buffer overflow exploit with DEP bypass for WoW64 ...
CloudMe Sync version 192 remote buffer overflow exploit Tested on Win7 32b SP1 ...
CloudMe Sync versions 1109 and below suffer from an unauthenticated remote buffer overflow vulnerability ...
This Metasploit module exploits a stack buffer overflow in Cloudme version 18x and 19x ...
CloudMe version 1112 exploit that uses MSVCRTSystem to create a new user (boku:0v3R9000!) and add the new user to the Administrators group A requirement of successful exploitation is the CloudMeexe process must be running as administrator ...
CloudMe version 1112 SEH buffer overflow exploit ...

Github Repositories

Cybersecurity - ROP Chain Author : Hugo Steiger Mentor : Fabrice Sabatier Full documentation (in french) : drivegooglecom/drive/folders/1zk0_hDLVdnrfNR9fUt-6JmRmidWrFUTV?usp=sharing This project was carried out as part as Mines Nancy last year "Information Systems Attacks" course, within the Computer Science Departement The projet goal was to create a ROP

PoCs for public CVEs I have been working on

CVE-Exploits PoCs for public CVEs I have been working on Exploit List CVE-2018-6892: Stack-based buffer overflow in CloudMe 1112

Ported Exploit From Python To Golang

CVE-2018-6892-Golang Ported Exploit From Python To Golang packetstormsecuritycom/files/157407/CloudMe-1112-Buffer-Overflowhtml

My version - CloudMe-Sync-1.10.9---Buffer-Overflow-SEH-DEP-Bypass on Win7 x64 CVE-2018-6892

CloudMe-Sync-1109---Buffer-Overflow-SEH-DEP-Bypass My version - CloudMe-Sync-1109---Buffer-Overflow-SEH-DEP-Bypass on Win7 x64 CVE-2018-6892