API tools faq
paste
GhostSecCanada

EXPLOITABLE BLOCK merlot.kudos.net.nz

GhostSecCanada
Nov 3rd, 2020
340
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.51 KB | None | 0 0
raw download clone embed print report
  1. 210.48.1.214
  2. merlot.kudos.net.nz
  3. Microsoft-HTTPAPI/2.0
  4. WORKING EXPLOIT
  5. Microsoft UPnP Local Privilege Elevation Vulnerability
  6. Disclosed
  7. 11/12/2019
  8. Created
  9. 12/19/2019
  10. Description
  11. This exploit uses two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE The second (CVE-2019-1322) leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL SERVICE to NT AUTHORITY\SYSTEM.
  12. #GhostSec
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!