
CVSS: 7.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

Sliver is an open source cross-platform adversary emulation/red team framework. It can be used by organizations of all sizes to perform security testing. Sliver version 1.6.0 (prerelease) is vulnerable to RCE on the teamserver by a low-privileged "operator" user. The RCE is as the system root user. The exploit is pretty fun as we make the Sliver server pwn itself. As described in a past issue (#65), "there is a clear security boundary between the operator and server, an operator should not inherently be able to run commands or code on the server."

https://github.com/BishopFox/sliver/commit/5016fb8d7cdff38c79e22e8293e58300f8d3bd57
https://github.com/BishopFox/sliver/issues/65
https://github.com/BishopFox/sliver/pull/1281
https://github.com/BishopFox/sliver/security/advisories/GHSA-hc5w-gxxr-w8x8
https://sliver.sh/docs?name=Multi-player+Mode

CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSS: 8.1 • EPSS: 0% • CPEs: 1 • EXPL: 0

Sliver from v1.5.x to v1.5.39 has an improper cryptographic implementation, which allows attackers to execute a man-in-the-middle attack via intercepted and crafted responses.

https://github.com/BishopFox/sliver/releases/tag/v1.5.40
https://github.com/advisories/GHSA-8jxm-xp43-qh3q
https://github.com/tangent65536/Slivjacker
https://www.chtsecurity.com/news/04f41dcc-1851-463c-93bc-551323ad8091

CWE-327: Use of a Broken or Risky Cryptographic Algorithm