RidgeBot 3.9 has recently announced its latest release, plugin library 3.26.X. The 35 new plugins further improve RidgeBot's ability to detect and exploit vulnerabilities.

 

New Plugins
New Host Scan Plugins | New Web Scan Plugins | New Exploit Plugins | New Post-Exploit Plugins
Apache Kylin Remote Command Execution (CVE-2020-13925) | Weaver e-office v9.0 File Upload | Gerapy Remote Command Execution (CVE-2021-32849) | JBoss JMX Authentication Bypass (CVE-2007-1036)
Apache Druid Unauthorized Access (CVE-2021-26920) | Zoho ManageEngine ADSelfService Plus REST API Authentication Bypass (CVE-2021-40539)
Gerapy Remote Command Execution (CVE-2021-32849) | Atlassian Confluence Server RCE (CVE-2019-3396) | JBoss JMX InvokerServlet Deserialization (CVE-2015-7501)
Jenkins Remote Command Execution (CVE-2019-1003000) | ECShop RCE | Apereo CAS 4.1.x Deserialization
Zoho ManageEngine ADSelfService Plus REST API authorization bypass (CVE-2021-40539) | Apache Unomi Remote Command Execution (CVE-2020-13942) | Microsoft Exchange Server SSRF (CVE-2021-26855)
Apache Druid RCE (CVE-2021-25646) | JBoss 4.x JBossMQ JMS Deserialization (CVE-2017-7504) | Microsoft Exchange Server SSRF (CVE-2021-26855)
ResourceSpace SQL Injection (CVE-2021-41765) | Zoho ManageEngine ADSelfService Plus REST API authorization bypass (CVE-2021-40539) | AD Domain Information Collection
Navigate CMS 2.8 unrestricted File Upload (CVE-2018-17553) | PHP 8.1.0-dev zerodium backdoor | SMB Buffer Overflow (MS17-010)
Oracle WebLogic Server Unauthorized Access (CVE-2022-21292) | JBoss JMX Authentication Bypass (CVE-2007-1036)
FFmpeg SSRF (CVE-2016-1897/CVE-2016-1898) | Zoho ManageEngine ADSelfService Plus REST API Authentication Bypass (CVE-2021-40539)
Apache Log4j Deserialization (CVE-2017-5645) | JBoss JMX InvokerServlet Deserialization (CVE-2015-7501)
ImageMagick RCE (CVE-2016-3714) | Gitlab Exiftool Remote Command Execution (CVE-2021-22205)
