defense-in-red-team
0
/ Published in Immunity

DefPack Exploitation Pack for CANVAS

DefPack Exploitation Pack for CANVAS, is commercial CANVAS Exploitation Pack (CEP). Due to the product continuous update in nature, so we prepare this post for those who interest to know what is include inside. Latest update will be show on the top, while older update will be auto show below. This post will keep update and the post date will follow the latest date, so it will show one post date, rather than multiple post for hassle free reading in one post. This post is about CANVAS Exploitation Pack (CEP) DefPack, it need to be use with CANVAS Exploitation Testing Framework. Feel free to contact E-SPIN for product inquiry and support.

DefPack Exploitation Pack for CANVAS Product Overview

This is an attempt to provide pentesters with a most comprehensive collection (almost 100 exploits) of Defense software vulnerabilities illustrated in a one DefPack Exploits Package.
Antiviruses, IDS and IPS systems, Firewalls, Account Management systems, End-point protection software and more are targeted.
Defense Software is very special due to its wide usage and critical nature, so we think this pack is a “MUST HAVE” for security experts.
The pack contains mostly exploits for public vulnerabilities along with some 0days discovered GLEG.

The “DefPack” features:

    • Critical value

Ability to test your defense software and to measure real threat

    • Nicest public Defense software vulnerabilities coverage!

Including old and newly discovered bugs

    • 0 Days exploits

We conduct our own in depth research and provide you with tools and sploits, which could be helpfull for Defense software pentesting.

    • Weak points analyses

Some systems suffer from weaknesses like hardcoded passwords and etc. We provide tools to test such cases.

2022-Sep-24 DefPack 1.80
public vulns: – Korenix Technology JetNet Devices Denial of Service
– Telesquare TLR-2855KS6 Arbitrary File Deletion
– Westermo PoE Gigabit Switch PMI-110-F2G Directory Traversal

2022-Aug-18 DefPack 1.79 :
– Kyan Network Monitoring Device Credential Disclosure CNVD-2021-49589
– Q-See Surveillance DVR info Disclosure CVE-2018-9995
– CVE-2022-26259 . pub
-ZyXEL Buffer Overflows in zhttpd and libclinkc.so Denial of Service

2022-Jun-30 DefPack 1.78
– Cisco Adaptive Security Appliance Software Path Traversal Vulnerability CVE-2020-3452
– D-Link Router CVE-2019-16920 Remote Code Execution. pub
– ICT Protege GX/WX 2.08 Password Hash Disclosure – Seowon SLR-120 Router RCE (Unauthenticated) CVE-2020-17456

2022-May-19 DefPack 1.77:
– D-LINK Routers Command Injection. public
– FLIR Systems FLIR Brickstream 3D+ Unauthenticated Config Download File Disclosure [1day] – Netgear RAX35, RAX38, RAX40 routers dirtrav CVE-2021-41449
– TPLink AX10 V1 Remote Denial of Service CVE-2021-41450 and more.

2022-Apr-9 DefPack 1.76:
– Novus Managment System DirTrav Vuln [1day] – Samsung SmartViewer 3.0 activex [1day] – ARD-9808 DVR Card Security Camera Password Disclosure. public
– Fujitsu-Siemens ServerView RCE. oldpublic
– Vivotek IP Cameras Information Disclosure. public

2022-Feb-10 1.75 DefPack:
– Blue Iris Video_Management Software ActiveX Control Remote Code Execution Vulnerability [1day] – D-Link DCS-2103 Network Ip Camera Directory Traversal Vulnerability. public
– Orange Livebox devices Wi-Fi infoleak +Tellion and Tiandy devices vulns

2022-Jan-19 Agora 1.74 :
– Bosch Security Systems VideoSDK RCE [1day] – Ricon Industrial Cellular Router S9922XL RCE. pub
– SonicWall SMA 10.2.1.0-17sv Password Reset CVE-2021-20034
– Edimax EW-7438RPn Infoleak. pub
– ESCAM QD-900 WIFI HD Camera Remote Configuration Disclosure. pub more

2021-Dec-10 DefPack 1.73:
– GV-Mobile Server V1510 Remote File Create Vulnerability [1 day] – GeoVision GV-Recording Server Remote File Overwrite weakness [1 day] – Xceed Software Encryption ActiveX weakness [1 day] – ARD-9808 DVR Card Security Camera Remote Denial of Service. pub
and more…

2021-Nov-13 DefPack 1.72:
– D-Link DSL-2875AL Remote Password Disclosure. pub
– IPCop 2.1.9 RCE. pub
– LANCOM R&S Unified Firewalls UF-XXX Path Traversal Vulnerability. pub
– SV3C L-Series HD Camera Remote Configuration Disclosure CVE-2018-12671
– TBK DVR4104 and DVR4216 Credentials Leak

2021-Oct-9 DefPack 1.71:
– F5 BIG-IP TMUI Directory Traversal Vulnerability CVE-2020-5902
– Positive Technologies Maxpatrol 8 and Xspider Remote DoS. pub
– Seagate BlackArmor NAS sg2000-2000.1331 Remote Code Execution. pub
– TG8 Firewall Remote Code Execution. pub
and more…

2021-Sep-21 DefPack 1.70:
– COMMAX Smart Home Ruvie CCTV Bridge DVR DoS. CVE-2021-08-16
– Foscam Cameras Dos. pub
– Genie Access WIP3BVAF IP Camera Directory Traversal Vulnerability. pub
– Karel IP Phone IP1211 Web Management Panel DirTrav.

2021-Aug-04 DefPack 1.69:
– SolarLog 500 2.8.2 Unprotected Storage of Credentials Vulnerability. pub
– Ambarella Oryx RTSP Server DoS CVE-2020-24918
– IPFire 2.25 Remote Code Execution CVE-2021-33393
– JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Config Download. pub and more.

2021-Jul-13 DefPack 1.68:
– ZBL EPON ONU Broadband Router Configuration Download. pub
– DD-WRT 45723 UPNP Buffer Overflow. pub
– Beward B4230 IP Camera Info Disclosure. 1 Day
– Beward B4230 IP Camera Privilege Escalation. 1 Day

2021-Jun-10 DefPack 1.67:
– Kamailio SIP Denial Of Service. pub
– QNAP Pre-Auth Root RCE. nice bundle exploit . pub
– VoIPmonitor 27.6 Denial Of Service. pub
– NuCom 11N Wireless Router 5.07.90 Remote Credentials Disclosure. pub

2021- May-11 Def 1.66:
– Dell KACE Systems Management Appliance (K1000) Unauthenticated RCE. pub
– D-LINK DIR-610 Authenticated RCE. CVE-2020-9377
– D-LINK DIR-610 Info Disclosure. CVE-2020-9376
– AndroVideo Advan VD-1 Password Disclosure. PUB

2021-Apr-05 DefPack 1.65:
– ZeroShell Linux Router 3.9.3 OS Command Injection. CVE-2020-29390
– Remote Code Exection. CVE-2020-35578
– Intelbras Router RF 301K 1.1.2 – Authentication Bypass. pub
– HIRSCHMANN GECKO Lite Managed switch Configuration Disclosure. pub
and more

2021-Mar-12 DefPack 1.64:
– IDAutomation unsafe activex file overwrite vulnerability. pub
– Huawei HedEx Lite directory traversal. pub
– Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal. pub
– Geutebruck IP Camera remote_reboot – pub

2021-Jan-30 DefPack 1.63:
– Nagios XI 5.7.3 – Command Injection. CVE-2020-5791
– Cisco Unified Conference Station 7937G Denial of Service. public
– Insteon HD WiFi Camera Denial of Service. CVE-2018-12640
– IpNetCam A107WIRF-HNH-03 IP-Camera auth bypass configuration download. public

2021-Jan-15 DefPack 1.62:
– Grandstream Audio Conferencing Unit Remote Reboot Vulnerability. pub
– Grandstream UCM6204 IP PBX Remote Reboot Vulnerability. pub
– Q-SYS <= 8.2.1 TFTP Directory Traversal. CVE-2020-24990
– Sony IPELA Network Camera Remote Stack Buffer Overflow PoC. public

2020-Dec-04 DefPack 1.61:
– Nagios XI 5.7.3 – Command Injection. CVE-2020-5791
– Cisco Unified Conference Station 7937G Denial of Service. public
– Insteon HD WiFI Camera Denial of Service. CVE-2018-12640
– IpNetCam A107WIRF-HNH-03 IP-Camera auth bypass configuration download. public

2020-Nov-14 DefPack news:
– Kguard SHA104 and SHA108 DVR credential disclosure vulnerability. public
– KONGTOP DVR devices A303, A403, D303, D305, and D403 backdoor check. public
– Lutron Quantum 2.0 data leak. public
– MASTER IPCAMERA01 Remote Configuration Disclosure. public

2020-Oct-05 DefPack 1.59:
– MESSOA NIC990 IP-Camera auth bypass configuration download. public
– MOVISTAR ADSL ROUTER BHS_RTA Password Disclosure. public
– Netwave IP Camera Remote Configuration Disclosure. CVE-2018-11654
– Nucom ADSL ADSLR5000UN ISP Credentials Disclosure. public

2020-Sep-04 DefPack 1.58:
– Kamailio SIP Server Denial of service. CVE-2018-8828
– PLANET ADSL ROUTER AND-4101 Password Disclosure
– SIEMENS IP-Camera CCID1410 and CCPW5025 Credentials Disclosure Vulnerability. CVE-2018-9995
– CC8800-CMTS monitoring system credential disclosure

2020-Jul-30 DefPack 1.57:
– CVE-2020-3161 Cisco IP Phones remote DoS, possible exec PoC. pub
– Netgear DGN2000v1 Setup.cgi Unauthenticated Remote Code Execution. pub
– Netgear DGN2200 DGND3700 Admin Password Disclosure. pub

2020-Jul-01DefPack 1.56:
– WatchGuard Fireware AD Helper Component Credential Disclosure. pub
– TP-LINK router TL-WR940N – Buffer Overflow. CVE-2019-6989
– Master IP CAM 01 3.3.4.2103 Remote Command Execution. CVE-2019-8387

2020-Jun-02 DefPack 1.55:
– HiSilicon hi3520d and similar system Directory Traversal.public
– Netlink GPON Router 1.0.11 Remote Code Execution. public
– Revotech I6032B-P POE 1920x1080P 2.0MP Outdoor Camera Remote Configuration Disclosure. public
– Zivif Web Cameras RCE

2020-Apr-30 DefPack 1.54:
– SecuSTATION SC-831 HD Camera – Remote Configuration Disclosure
– D-Link DIR-859 Unauthenticated Information Disclosure – CVE-2019-20213
– DBPower C300 HD Camera Remote Configuration Disclosure
– Belkin N600DB Wireless Router wifi password disclosure

2020-Mar-30 DefPack 1.52:
– Microtik SSH Daemon 6.44.3 Denial of Service. public
– F-Secure Internet Gatekeeper 5.40 Heap Overflow. public
– Enigma NMS 65.0.0 Remote OS Command Injection. CVE-2019-16072
– ClamAV 0.102.0 Code Execution Vulnerability. public

2020-Feb-29 Def 1.52 news:
– TP-Link TP-SG105E 1.0.0 – Unauthenticated Remote Reboot. public
– Huawei HG255 Directory Traversal. public
– Citrix Gateway Directory Traversal Vulnerability. public
– Aptina AR0130 960P 1.3MP Camera – Remote Configuration Disclosure. CVE-2019-20213

2020-Jan-28 1.51 Defpack updates:
– Bullwark Momentum Series JAWS 1.0 Directory Traversal. public
– NVMS 1000 network video monitoring Directory Traversal. public

2019-Dec-31 DefPack 1.50 network devices vulns:
– Moxa EDR-810 Information Disclosure. CVE-2019-10963
– Yealink VoIP Phone SIP-T38G Local File Inclusion. public
– V-SOL GPON/EPON OLT Platform 2.03 Configuration Download. public

2019-Dec-5 1.49 DefPack:
– ZTE ZXHN H108N info disclose. public
– XiongMai ip cameras Path Traversal. public
– Vivotek IP Cameras Credentials Leakage via Path Traversal

2019-Nov-1 1.48 Defpack:
– Jovision IP camera Credential Disclosure. public
– Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure. public
– Fibrehome HG110 Compromise of all configuration details Vulnerability. public
– Belkin Router N150 Path Traversal Vulnerability. public

2019-Sep-29 1.47 Defpack:
– Cisco RV300 RV320 Information Disclosure. CVE-2019-1653
– Cisco Video Surveillance Operations Manager DirTraversal. public
– Path Traversal in Gateway in Mirasys DVMS Workstation. CVE-2018-8727
– 3Com Intelligent Management Center vuln

2019-Sep-1 1.46 ver. of DefPack contains 3 modules:

– FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure. [CVE-2018-13379] – SecuCON NVR Directory Traversal. [public] – Trend Micro Deep Discovery Inspector Commandline Injection. [public]

2019-Jul-29 1.45 DefPack:
ag_InstarVision_DoS_PoC – InstarVision Surveillance Center Denial of Service. [1Day] ag_InstarVision_v2x_DoS – InstarVision Deutschland GmbH Surveillance Center Denial of Service. [1Day] ag_yawcam_fd – Yawcam 0.6.0 – Directory Traversal Vulnerability. CVE listed

2019-Jul-24 1.44 ver. of DefPack contains 3 modules. List:

– Cisco RV130W 1.0.3.44  Denial Of Service. CVE-2019-1663
– AXIS M1125 Remote Command Execution. CVE-2015-8257
– Actiontec WEB6000Q WiFi Network Extender Denial of Service.

2019-Jun-3 1.43 ver. of DefPack contains 2 modules. List:

– G DATA TOTAL SECURITY version 25.5.2.7 Remote File Overwrite Vulnerability. [1Day]
– G DATA TOTAL SECURITY version 25.5.2.7 Remote File Delete Vulnerability. [1Day]

2019-May-21 1.42 ver. of DefPack contains 3 modules. List:

– FLIR AX8 Thermal Camera 1.32.16 Directory Traversal Vulnerability. [public]
– Rubezh FireSec Socket Server Denial Of Service. [1Day]
– VelotiSmart WiFi B-380 Camera – Directory Traversal Vulnerability. [CVE-2018-14064]

2019-Apr-16 1.41 ver. of DefPack contains 3 modules. List:

– Apache Jetspeed v.2.3.0 Remote Code Execution Vulnerability CVE-2016-0710
– Oracle Java SE – Web Start jnlp XML External Entity Processing Information Disclosure CVE-2017-10309
 – BEWARD N100 H.264 VGA IP Camera M2.1.6 – Remote Code Execution ZSL-2019-5512
1.40 ver. of DefPack contains 3 modules. List:
– Foscam ip camera IPCWebComponents ActiveX Control Remote DoS Vulnerability. [1Day]
– devolo firmware ‘hidden’ services enable. [ZSL-2019-5508]
– Fortinet FortiOS unauth LDAP server login. [CVE-2018-13374]
1.39 ver. of DefPack contains 3 modules. List:
– ZTE ZXHN H168N – Improper Access Restrictions. [CVE-2018-7357], [CVE-2018-7358]
– Huawei b315s-22 Information Leak. [CVE-2018-7921]
– Huawei Router HG532e Command Execution. [CVE-2015-7254]

2019-Jan-7 1.38 ver. of DefPack contains 5 modules. List:

– Unitrends UEB 9.1 – Unauthenticated Remote Code Execution. [CVE-2017-12477.]
– TrustPort Management – Remote Code Execution. public
– TP-Link Technologies TL-WA850RE Wi-Fi Range Extender – Unauthorized Remote Reboot.
– Cisco Prime Collaboration Provisioning < 12.1 – Authentication Bypass / Remote Code Execution. [CVE-2017-6622]

– Cisco RV110W Password Disclosure and OS Command Execute. [CVE-2014-0683], [CVE-2015-6396]

2018-Dec-12 1.37 ver. of DefPack contains 4 modules. List:

– Appear TV XC5000 and XC5100 devices with firmware 3.26.217 – Directory Traversal. [CVE-2018-7539]
– Belkin NetCam F7D7601 – Remote Command Execution. [1Day]
– Remote Code Execution in CCTV-DVR affecting over 70 different vendors. old public (missed in Defpack…)
– KYOCERA Multi-Set Template Editor 3.4 (part of Net Admin) – Out-Of-Band XML External Entity Injection. [1Day]

2018-Oct-26 1.36 ver. of DefPack contains 3 modules. List:

– Acrolinx Server < 5.2.5 Directory Traversal. CVE-2018-7719
– Belkin N600DB Wireless Router – Remote Command Execution. public
– Seagate Personal Cloud. Remote Command Execution. CVE-2018-5347

2018-Sep-26 1.35 ver. of DefPack contains 5 modules. List:

– DLink DNS-325 ShareCenter 1.05B03 – Command Injection. [public]
– Information Disclosure. [CVE-2017-16886]
– Telesquare SKT LTE Router SDT-CS3B1 – Reset Router. [EDB-ID: 43402]
– Western Digital WDMyCloud – [Remote Code Execution.]
– Blind SQL Injection. [public]

2018-Aug-27 1.34 ver. of DefPack contains 6 modules. List:

– Hewlett Packard Enterprise Intelligent Management Center 7.2 – Unauthenticated Remote Code Execution. [CVE-2017-5817]
– Vitek CCTV recorder VT-HDOC16BR Remote Command Execution. [1Day]
– Vonage VDV-23 voip telephone adapter Denial of Service. [CVE-2017-16902]
– Artica Web Proxy 3.06 – Remote Code Execution. [CVE-2017-17055]
– D-Link DIR605L – Denial of Service. [CVE-2017-9675]
– D-Link DIR850L – credential disclosure vulnerability. public

2018-Aug-10 1.33 ver. of DefPack contains 7 modules. List:

– TrendNet TEW-751DR, TEW-752DRU, TEW733GR routers – Information Disclosure. public
– HPE Intelligent Management Center Privilege Escalation” [1Day]
– Infrasightlabs vScopeServer Remote Command Execution” [1Day]
– Infrasightlabs vScopeServer RCE 2″ [1Day]
– Kaspersky KSN for Linux 5.2 – Denial of Service. public
– Parallels Remote Application Server (RAS) 15.5 – Path Traversal. CVE-2017-9447
– SEGGER embOS/IP FTP Server 3.22 – Denial of Service. CVE-2018-7449

2018-Jun-26 1.32 ver. of DefPack contains 6 modules. List:

– NETGEAR ProSafe Network Management System 300 Authenticated File Download.
– Axis Communications MPQT/PACS – Heap Overflow Denial of Service.
– Coredy CX-E120 Repeater – Unauthenticated Root Password Reset.
– Coredy CX-E120 Repeater – Remote Command Execution.
– Dasan Networks GPON ONT WiFi Router – Remote Command Execution.
– HP Data Protector A.09.00 – Remote Code Execution.

2018-May-25 1.31 ver. of DefPack contains 4 modules. List:

– 3.3.2 XML-RPC Remote Code Execution [CVE-2017-11610]
– Zabbix 2.0 – 3.0.3 SQL Injection
– Zabbix 2.2 – 3.0.3 Remote Command Execution with API JSON-RPC
– Drupal RESTWS Module 7.x Remote PHP Code Execution

2018-May-2 1.30 ver. of DefPack contains 3 modules. List:

– HPE Intelligent Management Center File Upload RCE [0-Day]
– Hikvision IP Camera versions 5.2.0 – 5.3.9 (Builds 140721 < 170109) – Privilege Escalation Exploit
– Cisco RV132W/RV134W ADSL2+ Wireless-N/AC VPN Routers – Information Disclosure [CVE-2018-0125]

2018-Mar-26 1.29 ver. of DefPack contains 3 modules. List:

– Trend Micro Data Loss Prevention Virtual Appliance 5.2 – Path Traversal Vulnerability
– WebLog Expert Web Server Enterprise v9.4 Denial of Service [CVE-2018-7582]
– Hewlett Packard Enterprise Intelligent Management Center Arbitrary File Upload [0-Day]

2018-Feb-28 1.28 ver. of DefPack contains 3 modules. List:

– UPSMON PRO for Windows v.1.23 – Path Traversal Vulnerability [0-Day]
– Trend Micro Control Manager 6.0 – Authenticated File Upload
– iBall ADSL2+ Home Router – Reset Router

2018-Jan-29 1.27 ver. of DefPack contains 3 modules. List:

– Hewlett Packard Enterprise Intelligent Management Center Directory Listing [0-Day]
– Huawei HG255s Directory Traversal
– Brother International Corporation Debut Embedded httpd 1.20 Denial of Service [CVE-2017-16249]
Tagged under:

What you can read next

D2 Elliot Web Exploitation Framework for web application pentesting
Webinar Immunity Canvas & Exploitation Pack
E-SPIN Wireless Network Security Assessment Services Overview
SILICA Product Overview

Leave a Reply

Your email address will not be published. Required fields are marked *