Explotación pública

Catálogo de exploits

Todo exploit público que catalogamos, en un solo índice. Busca por CVE, nombre del exploit o tecnología — y mira, al lado, lo que la falla realmente vale: severidad, probabilidad de explotación y si ya está bajo ataque.

71.062exploits catalogados
31.617CVEs con explotación pública
0probados en laboratorio
3462 exploits
Metasploit600
Geutebruck instantrec Remote Command Execution
CVE-2021-33549HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Buffer overflow in action parameter leading to RCE
48RIESGO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33544HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: command injection leading to RCE
58RIESGO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33543CRITICAL08 jul 2021
UDP Technology/Geutebrück camera devices: Authentication Bypass
65RIESGO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33552HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RIESGO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33550HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in date parameter leading to RCE
48RIESGO
abrir
Metasploit600
Geutebruck Multiple Remote Command Execution
CVE-2021-33548HIGH08 jul 2021
UDP Technology/Geutebrück camera devices: Command injection in preserve parameter leading to RCE
48RIESGO
abrir
Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
CVE-2020-7388CRITICAL07 jul 2021
Sage X3 AdxAdmin Unauthenticated Command Execution Bypass by Spoofing
85RIESGO
abrir
Metasploit400
Sage X3 Administration Service Authentication Bypass Command Execution
CVE-2020-7387MEDIUM07 jul 2021
Sage X3 AdxAdmin Exposure of Sensitive Information to an Unauthorized Actor
40RIESGO
abrir
Metasploit500
Netfilter x_tables Heap OOB Write Privilege Escalation
CVE-2021-22555HIGHbajo ataque07 jul 2021
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE
100RIESGO
abrir
Metasploit600
ForgeRock / OpenAM Jato Java Deserialization
CVE-2021-35464CRITICALbajo ataqueransomware29 jun 2021
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pa
100RIESGO
abrir
Metasploit600
Moodle SpellChecker Path Authenticated Remote Command Execution
CVE-2021-21809HIGH22 jun 2021
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted s
41RIESGO
abrir
Metasploit600
Wordpress Plugin SP Project and Document - Authenticated Remote Code Execution
CVE-2021-2434714 jun 2021
SP Project & Document Manager <2 4.22 - Authenticated Shell Upload
30RIESGO
abrir
Metasploit600
elFinder Archive Command Injection
CVE-2021-32682CRITICAL13 jun 2021
Multiple vulnerabilities leading to RCE
75RIESGO
abrir
Metasploit300
Wordpress Popular Posts Authenticated RCE
CVE-2021-42362HIGH11 jun 2021
WordPress Popular Posts <= 5.3.2 Authenticated Arbitrary File Upload
78RIESGO
abrir
Metasploit300
Print Spooler Remote DLL Injection
CVE-2021-34527HIGHbajo ataqueransomware08 jun 2021
Windows Print Spooler Remote Code Execution Vulnerability
100RIESGO
abrir
Metasploit300
Print Spooler Remote DLL Injection
CVE-2021-1675HIGHbajo ataqueransomware08 jun 2021
Windows Print Spooler Remote Code Execution Vulnerability
100RIESGO
abrir
Metasploit600
Polkit D-Bus Authentication Bypass
CVE-2021-3560HIGHbajo ataque03 jun 2021
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privile
91RIESGO
abrir
Metasploit300
Squid Proxy Range Header DoS
CVE-2021-3180627 may 2021
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a
40RIESGO
abrir
Metasploit300
Squid Proxy Range Header DoS
CVE-2021-3180727 may 2021
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to
23RIESGO
abrir
Metasploit600
VMware vCenter Server Virtual SAN Health Check Plugin RCE
CVE-2021-21985CRITICALbajo ataqueransomware25 may 2021
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual
100RIESGO
abrir
Metasploit600
ExifTool DjVu ANT Perl injection
CVE-2021-22204MEDIUMbajo ataque24 may 2021
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code exec
100RIESGO
abrir
Metasploit600
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
CVE-2021-3339317 may 2021
lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It
50RIESGO
abrir
Metasploit600
Microsoft SharePoint Unsafe Control and ViewState RCE
CVE-2021-31181HIGH11 may 2021
Microsoft SharePoint Remote Code Execution Vulnerability
48RIESGO
abrir
Metasploit500
Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE
CVE-2021-3490HIGH11 may 2021
Linux kernel eBPF bitwise ops ALU32 bounds tracking
41RIESGO
abrir
Metasploit300
Windows IIS HTTP Protocol Stack DOS
CVE-2021-31166CRITICALbajo ataque11 may 2021
HTTP Protocol Stack Remote Code Execution Vulnerability
100RIESGO
abrir
Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
CVE-2021-41773HIGHbajo ataqueransomware10 may 2021
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
CVE-2021-42013CRITICALbajo ataqueransomware10 may 2021
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RIESGO
abrir
Metasploit600
Apache 2.4.49/2.4.50 Traversal RCE
CVE-2021-41773HIGHbajo ataqueransomware10 may 2021
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
100RIESGO
abrir
Metasploit300
Apache 2.4.49/2.4.50 Traversal RCE scanner
CVE-2021-42013CRITICALbajo ataqueransomware10 may 2021
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
100RIESGO
abrir
Metasploit600
Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)
CVE-2021-1499MEDIUM05 may 2021
Cisco HyperFlex HX Data Platform File Upload Vulnerability
50RIESGO
abrir

Indexamos solo el enlace público a la prueba de concepto — nunca alojamos ni redistribuimos código de explotación. Fuentes: PoC-in-GitHub, Exploit-DB, Nuclei, Metasploit y VulnCheck XDB. La existencia de PoC pública no significa que la falla sea explotable en tu entorno.