Tag
high
advisory
Windows SQL Server xp_cmdshell Configuration Change Detected
2 rules 1 TTPDetection of changes to the xp_cmdshell configuration in SQL Server, a feature often abused by attackers for privilege escalation and lateral movement by enabling execution of operating system commands.
SQL Server +3
sql_server
xp_cmdshell
privilege_escalation
lateral_movement
windows
2r
1t
high
advisory
CVE-2026-40370: SQL Server External Control of File Name or Path Vulnerability
2 rules 1 TTP 1 CVECVE-2026-40370 allows an authorized attacker with control over file names or paths to execute code over a network in Microsoft SQL Server.
SQL Server
cve
sql_server
rce
2r
1t
1c