MITRE ATT&CK — FreeIntelHub

T1190 — Exploit Public-Facing Application (Initial Access)

205 articles found

Zero Day Initiative CVE Jan 30

ZDI-26-050: GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

T1190 1 IOC

Zero Day Initiative →

Infosecurity Magazine Vulnerability Disclosure Amazon Jan 28

Critical and High Severity n8n Sandbox Flaws Allow RCE

Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers

T1190

Infosecurity Magazine →

Zero Day Initiative CVE Jan 28

ZDI-26-049: Delta Electronics DIAView Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAView. User interaction is required to ...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Fortinet Jan 28

ZDI-26-048: Fortinet FortiSandbox fortisandbox Server-Side Request Forgery Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Fortinet FortiSandbox. Authentication is required t...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 28

ZDI-26-047: Hancom Office DOC File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office. User interaction is required to exploit this...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Cisco Jan 28

ZDI-26-046: Cisco Snort _bnfa_search_csparse_nfa Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Snort. Authentication is not required to exploit this...

T1190 1 IOC

Zero Day Initiative →

Infosecurity Magazine Vulnerability Disclosure Jan 27

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula

T1190

Infosecurity Magazine →

Google Project Zero Vulnerability Disclosure Linux Jan 14

A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave

With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the res...

T1190

Google Project Zero →

Zero Day Initiative CVE Jan 9

ZDI-26-042: (0Day) Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vul...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-041: (0Day) (Pwn2Own) Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authenticat...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-039: (0Day) WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-038: (0Day) Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulner...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-037: (0Day) Langflow PythonFunction Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Attack vectors and exploitability will vary depen...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-036: (0Day) Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-035: (0Day) Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-034: (0Day) Langflow code Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vu...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-032: (0Day) Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vuln...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-031: (0Day) Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vuln...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-030: (0Day) GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit thi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Jan 9

ZDI-26-029: (0Day) GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit thi...

T1190 1 IOC

Zero Day Initiative →

Discovery

T1046 Network Service Discovery

Lateral Movement

T1021 Remote Services

Command and Control

T1071 Application Layer Protocol T1573 Encrypted Channel T1572 Protocol Tunneling

Exfiltration

T1041 Exfiltration Over C2 Channel T1567 Exfiltration Over Web Service

Impact

T1486 Data Encrypted for Impact T1489 Service Stop T1498 Network Denial of Service T1491 Defacement T1529 System Shutdown/Reboot

Resource Development

T1583 Acquire Infrastructure T1588 Obtain Capabilities

Reconnaissance

T1592 Gather Victim Host Information T1598 Phishing for Information

MITRE ATT&CK Mapping

T1190 — Exploit Public-Facing Application (Initial Access)

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Command and Control

Exfiltration

Impact

Resource Development

Reconnaissance