Skip to main content

Security Advisories

A collection of security advisories disclosed by Evolved Threat researchers.

BYOB (Bring Your Own Botnet) Unauthenticated Remote Code Execution

HIGH CVE-2024-45256
By chebuya

DESCRIPTION

An unauthenticated remote code execution vulnerability in BYOB (Bring Your Own Botnet) allows attackers to execute arbitrary code.

AFFECTING

  • BYOB (Bring Your Own Botnet) • All versions

Havoc C2 Team Server Unauthenticated SSRF

HIGH CVE-2024-41570
By chebuya

DESCRIPTION

An unauthenticated Server-Side Request Forgery (SSRF) vulnerability in Havoc C2 Team Server allows attackers to make arbitrary HTTP requests.

AFFECTING

  • Havoc C2 Team Server • All versions

CHAOS RAT Multiple Remote Code Execution Vulnerabilities

HIGH CVE-2024-30850 CVE-2024-31839
By chebuya

DESCRIPTION

Multiple remote code execution vulnerabilities in CHAOS RAT allow attackers to execute arbitrary code on affected systems.

AFFECTING

  • CHAOS RAT • All versions

KDE Frameworks Command Execution

HIGH CVE-2019-14744
By Dominik Penner

DESCRIPTION

A critical vulnerability in KDE Frameworks allows arbitrary command execution through malicious desktop files.

AFFECTING

  • KDE Frameworks • ≤ 5.1.60

EA Origin Remote Command Execution

HIGH CVE-2019-12828
By Dominik Penner

DESCRIPTION

Another critical vulnerability in EA Origin enables remote command execution through malicious game URLs.

AFFECTING

  • EA Origin • 10.5.39

EA Origin Remote Command Execution

HIGH CVE-2019-11354
By Dominik Penner

DESCRIPTION

A critical vulnerability in EA Origin allows remote command execution through the origin:// protocol handler.

AFFECTING

  • EA Origin • 10.5.39