For those who subscribed with CANVAS Exploitation Pack (CEP) for CANVAS Pro, be note for the following CEP updates that may applicable to your case.
SCADA+
1.71 ver. of Scada+ contains 4 modules. List:
– UCanCode ActiveX UCCPrint Control Remote Code Execution Vulnerability [0-Day]
– Saia PG5 WebEditor 8.3 – Code Execution Vulnerability [0-Day]
– Wind River VxWorks RPC – Denial Of Service CVE-2015-7599
– Schneider Quantum 140 series PLC Control
Agora
2.70 ver. of Agora contains 4 modules. List:
– UCOPIA Wireless Appliance < 5.1 (Captive Portal) – Unauthenticated Root Remote Code Execution
– WebClientPrint Processor 2.0.15.109 Updates Remote Code Execution
– Pelco VideoXpert 1.12.105 – Directory Traversal
– NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application – Unauthenticated Remote Code Execution [CVE-2016-5674]
DefPack
1.24 ver. of DefPack contains 3 modules. List:
– ViDigi s-3001 Ip Camera Remote Code Execution [0-Day]
– Mako Web Server 2.5 – Unauthenticated File Disclosure
– Mako Web Server 2.5 – Remote Command Execution
D2 Elliot support forDefenseCode WebScanner
D2 Elliot provides around 600 exploits and dozens of tools to test web
applications security. We built, among other modules, tools to get the best
from web security scanners: vulnerabilities.From vulnerability reports D2 Elliot is able to dynamically and automatically
create ready to use efficient exploits. Several web vulnerability scanners
are already available in D2 Elliot (Acunetix, AppScan, Arachni, AVDS, w3af and
Qualys WAS).
applications security. We built, among other modules, tools to get the best
from web security scanners: vulnerabilities.From vulnerability reports D2 Elliot is able to dynamically and automatically
create ready to use efficient exploits. Several web vulnerability scanners
are already available in D2 Elliot (Acunetix, AppScan, Arachni, AVDS, w3af and
Qualys WAS).
D2 Exploitation
D2 Exploitation Pack 2.17 has been released with 4 new exploits.
This month with two remote exploits for Symantec Messaging Gateway
and Trend Micro OfficeScan. We also added two new exploits to pwnrouter.
MedPack
1.19 ver. of MedPack contains 2 [0-day]`s. List:
– Pioneer Software ClinicOffice v5 Clinic Management Software Remote Code Execution [0-Day]
– OpenEMR v5.0.0 – Directory Traversal [0-Day]