Tag

Exploit

12 briefs RSS

ZTE H298A/H108N Unauthenticated Credential Exposure

A public exploit (EDB-52592) has been published for ZTE H298A and H108N routers, which allows unauthenticated access to sensitive credentials.

H298A +1 credential-exposure router exploit

2r 1t 3w ago

high advisory

ZTE ZXHN H188A V6 Authentication Bypass Vulnerability

2 rules 1 TTP

A public exploit is available for an authentication bypass vulnerability affecting ZTE ZXHN H188A V6, increasing the risk to unpatched devices.

ZXHN H188A V6 authentication-bypass router exploit

2r 1t 3w ago

critical advisory

strongSwan 5.9.13 libsimaka EAP-SIM/AKA Heap Buffer Overflow Vulnerability

2 rules 1 TTP

A remote exploit is available for strongSwan 5.9.13 exploiting a heap buffer overflow in the libsimaka EAP-SIM/AKA module (CVE-2026-35330), enabling pre-authentication exploitation via a malformed EAP-SIM/AKA payload.

strongSwan <= 5.9.13 strongSwan heap-overflow eap-sim eap-aka CVE-2026-35330 exploit

2r 1t 3w ago

medium advisory

BookStack 25.12.1 Denial-of-Service Vulnerability

2 rules 1 TTP

A denial-of-service vulnerability exists in BookStack version 25.12.1, and a public exploit (EDB-52571) is available, increasing the risk to unpatched systems.

BookStack denial-of-service webapps exploit

2r 1t May 21, 2026

high threat

Cockpit 359 Remote Code Execution Vulnerability

2 rules 1 TTP

Cockpit version 359 is vulnerable to remote code execution, and a public exploit is available on Exploit-DB, increasing the risk for unpatched systems.

Cockpit 359 rce webapps exploit

2r 1t May 21, 2026

high threat

Remote Sunrise Helper for Windows 2026.14 Remote Code Execution Vulnerability

2 rules 2 TTPs

A remote code execution vulnerability exists in Remote Sunrise Helper for Windows version 2026.14, which can be exploited without authentication, as demonstrated by a public exploit published on Exploit-DB.

Remote Sunrise Helper for Windows remote-code-execution exploit windows

2r 2t May 15, 2026

critical advisory

Apache HertzBeat 1.8.0 Remote Code Execution Vulnerability

2 rules 1 TTP

Apache HertzBeat 1.8.0 is vulnerable to remote code execution due to a newly published exploit, posing a significant risk to unpatched systems.

HertzBeat 1.8.0 rce apache-hertzbeat exploit webapps

2r 1t May 14, 2026

high advisory

ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery Vulnerability

1 rule 1 TTP

A public exploit is available for a Server-Side Request Forgery (SSRF) vulnerability in ThingsBoard IoT Platform 4.2.0, increasing the risk for unpatched systems.

ThingsBoard IoT Platform 4.2.0 ssrf exploit iot

1r 1t May 7, 2026

high advisory

DarkSword iOS Exploit Used in Infostealer Attack

2 rules 3 TTPs

A new exploit dubbed 'DarkSword' is being actively exploited in infostealer campaigns targeting iPhones, potentially leading to unauthorized data access and device compromise.

ios exploit infostealer darksword

2r 3t Mar 19, 2026

high advisory

DarkSword iOS Exploit Chain Proliferation

1 rule 2 TTPs

The DarkSword exploit chain targets iOS versions 18 and under by exploiting a WebKit vulnerability, and is being adopted by multiple threat actors for initial access and execution.

ios exploit webkit darksword

1r 2t Mar 19, 2026

high advisory

Fortigate VPN CVE-2023-27997 Exploitation Attempt

2 rules 1 TTP

IDS alerts indicate a potential exploitation attempt against a Fortigate VPN server using CVE-2023-27997, characterized by repeated GET requests to the /remote/logincheck endpoint originating from a specific IPv6 address.

fortigate vpn cve-2023-27997 exploit initial-access

2r 1t Feb 28, 2026

high advisory

Fortigate VPN Exploit Attempt via CVE-2023-27997 and Suspicious User-Agent

3 rules 2 TTPs

Multiple IDS alerts indicate potential exploitation attempts against Fortigate VPN servers using CVE-2023-27997, alongside traffic from a suspicious user agent, possibly indicating reconnaissance or exploit activity.

fortigate vpn cve-2023-27997 exploit network

3r 2t Feb 26, 2026