move / rce

Mitre Att&ck Entreprise:

• TA0006 - Credentials Access

• T1021 - Remote Services

• vfeed 2021
• vfeed 2020
• vfeed 2019
• vfeed 2016

</tbody> </table>

Reference	OS	Service	PoC
CVE-2021-22986	BIG-IP	LB	POC: YT - Rapid SafeGuard MSF: exploit/linux/http/f5_icontrol_rest_ssrf_rce
CVE-2021-21972	VMware	VCenter	POC: Article - PTSecurity Mitigation - VMWare KB 82374 MSF: exploits/multi/http/vmware_vcenter_server_unauthenticated_file_upload_exploit
CVE-2021-21974	VMware	VCenter	POC:
CVE-2021-21985	VMware	VCenter
CVE-2021-22005	VMware	VCenter
CVE-2021-44228	Apache	Log4j	CODENAME: Log4Shell POC: List - AttackerKB Affected Products Tool - Veracode rogue-jndi LDAP server PoC - YT - VMWare VCenter 6.5 to 6.7. Null SAMLRequest + LDAP JNDI url in 'X-Forwarded-For' over the login page. TEST: TEST:
CVE-2021-41773	Apache		VER: httpd:2.4.49 POC: nmap nse CMD: curl http://localhost:8080/cgi-bin/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
CVE-2021-26855	Microsoft	Exchange	CODENAME: ProxyLogon
CVE-2021-26084	Confluence	OGNL		CVE-2021-40444	Microsoft	MSHTML
CVE-2021-43798	Graphana
CVE-2021-22205	GitLab
CVE-2021-42013	Apache	HTTP	VER: httpd 2.4.50 REQ: CGI-BIN enabled,
CVE-2021-36934	Windows		CODENAME: HiveNightmare / SeriousSam
CVE-2021-21300	Git	Visual Studio
CVE-2021-38647	Azure	Open Management Infrastructure	OmiGod
CVE-2021-42278 / CVE-2021-42287	Windows	Active Directory	PoC - Article - ... PoC - Article - ...
CVE-2021-35211	Serv-U	FTP	Tool - BishopFox
CVE-2020-5902	BIG-IP	LB	POC: GH jas502n MSF: exploit/linux/http/f5_bigip_tmui_rce
CVE-2020-0796	Windows	SMBv3	CODENAME: SMBGhost MSF: exploit/smbghost_privesc POC: Disable security: Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" DisableCompression -Type DWORD -Value 0 -Force
CVE-2020-1472	Windows	MS-NRPC	CONDENAME: Zerologon POC: GH risksense TEST: TryHackMe
CVE-2020-14882	Oracle	WebLogic
CVE-2020-1938	Apache	Tomcat	CODENAME: GhostCat POC: github/hypn0s POC: AJP protocol enabled. Port 8009 open. VER: v9.0.x < 9.0.31, v8.5.x < 8.5.51, v7.x < 7.0.100 TEST: TryHackMe
CVE-2020-3452	Cisco	ASA
CVE-2020-0688	Windows	Exchange
CVE-2020-16898		Windows	CODENAME: Bad Neighor
CVE-2020-11651	SaltStack
CVE-2020-1350	Windows	DNS	CODENAME: SIGRed
CVE-2019-0708	Windows	RDP	CODENAME: BlueKeep MSF: exploit/windows/rdp/cve_2019_0708_bluekeep_rce
CVE-2019-19781	Citrix ADC	ADC	MSF: exploit/linux/http/citrix_dir_traversal_rce VER: 10.5, 11.1, 12.0, 12.1, and 13.0
CVE-2017-0144	Windows	SMB	CODENAME: EternalBlue MSF: exploit/windows/smb/ms17_010_eternalblue TEST:
CVE-2017-0145	Windows	SMB	CODENAME: DoublePulsar MSF: exploit/windows/smb/smb_doublepulsar_rce
CVE-2017-0145	Windows	RDP	CODENAME: DoublePulsar MSF: exploit/windows/rdp/rdp_doublepulsar_rce