Security Advisories
A collection of security advisories disclosed by Evolved Threat researchers.
BYOB (Bring Your Own Botnet) Unauthenticated Remote Code Execution
DESCRIPTION
An unauthenticated remote code execution vulnerability in BYOB (Bring Your Own Botnet) allows attackers to execute arbitrary code.
AFFECTING
- BYOB (Bring Your Own Botnet) • All versions
Havoc C2 Team Server Unauthenticated SSRF
DESCRIPTION
An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Havoc C2 Team Server allows attackers to make arbitrary HTTP requests.
AFFECTING
- Havoc C2 Team Server • All versions
CHAOS RAT Multiple Remote Code Execution Vulnerabilities
DESCRIPTION
Multiple remote code execution vulnerabilities in CHAOS RAT allow attackers to execute arbitrary code on affected systems.
AFFECTING
- CHAOS RAT • All versions
KDE Frameworks Command Execution
DESCRIPTION
A critical vulnerability in KDE Frameworks allows arbitrary command execution through malicious desktop files.
AFFECTING
- KDE Frameworks • ≤ 5.1.60
EA Origin Remote Command Execution
DESCRIPTION
Another critical vulnerability in EA Origin enables remote command execution through malicious game URLs.
AFFECTING
- EA Origin • 10.5.39
EA Origin Remote Command Execution
DESCRIPTION
A critical vulnerability in EA Origin allows remote command execution through the origin:// protocol handler.
AFFECTING
- EA Origin • 10.5.39