Blogs

The real slim shady || Ivanti Endpoint Manager (EPM) Pre-Auth RCE

Ivanti just pushed a patch for a critical CVSS 9.8 remote code execution vulnerability that I reported on May 1st, 2024, impacting Ivanti Endpoint Manager (EPM).

Breaking Down Barriers: Exploiting Pre-Auth SQL Injection in WhatsUp Gold

I discovered an unauthenticated SQL injection against the latest version of Progress WhatsUp Gold and turned it into an authentication bypass. This is the story of CVE-2024-6670.

WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive

I discovered an unauthenticated path traversal against the latest version of Progress WhatsUp Gold and turned it into a pre-auth RCE. Following is how I did it; this is the story of CVE-2024-4885.

WhatsUp Gold Pre-Auth RCE WriteDataFile Primitive

Using a path traversal vulnerability to achieve remote code execution: this is the story of CVE-2024-4883, a pre-auth RCE against Progress WhatsUp Gold.

WhatsUp Gold SetAdminPassword Privilege Escalation

Let's analyze a privilege escalation that I found targeting Progress WhatsUp Gold. This is the story of CVE-2024-5009.

Veeam Unauthenticated Remote Code Execution

CVE-2022-26503, CVE-2022-26504, CVE-2022-26500, CVE-2022-26501