Many PoCs for old vulnerabilities have been released in the past few weeks. Here are a few that hopefully we all still remember. :)
March 12 - Spectre PoC released
The Spectre vulnerability (disclosed in Jan 2018) makes use of a class of processor (CPU) design vulnerabilities that allow an attacker to change the intended program control flow.
- https://security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
- https://leaky.page/
- https://github.com/google/security-research-pocs/tree/master/spectre.js
- https://www.youtube.com/watch?v=V_9cQP60ZGI&t=2s
March 12 - Ghostcat (PoC for CVE-2020-1938)
Vulnerable versions of Apache Tomcat shipped with an AJP Connector that was enabled by default and listened on all configured IP addresses. It was expected that this Connector would be disabled if not required.
- https://0day.today/exploits/34028
- https://github.com/nibiwodong/CNVD-2020-10487-Tomcat-ajp-POC
- Ghostcat (rapid7.com)
March 3 - MS Exchange Server PoC released
CVE-2021-24085 is a Microsoft Exchange Server spoofing vulnerability released as part of Microsoft's February Patch Tuesday advisories. The vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Exchange Server; successful exploitation requires authentication and user interaction (visiting a malicious page). Security research shows that a public proof-of-concept exploit has been available since February 15, 2021.
- https://github.com/sourceincite/CVE-2021-24085
March 2 - VMware vCenter Server (CVE-2021-21972) PoC released
There are at least 4 proof-of-concept (PoC) exploits publicly available. vCenter Server customers who have not patched and who have vCenter exposed to the internet should strongly consider conducting incident response investigations. Starting from March 2, exploitation in the wild has been confirmed, delivering web shells and malware.
- https://attackerkb.com/topics/lrfxAJ9nhV/vmware-vsphere-client-unauth-remote-code-execution-vulnerability-cve-2021-21972
- https://swarm.ptsecurity.com/unauth-rce-vmware/
- GitHub - horizon3ai/CVE-2021-21972: Proof of Concept Exploit for vCenter CVE-2021-21972
Feb 23 - WebLogic
- https://github.com/jas502n/CVE-2020-14882
- https://github.com/projectdiscovery/nuclei-templates/pull/599/commits/b175c2117cdf50765f547eda42e5d48650ef1b6b
- https://github.com/foospidy/web-cve-tests
- https://www.youtube.com/watch?v=t-sxvcZNFZo&feature=youtu.be
- https://github.com/wsfengfan/cve-2020-14882
- https://github.com/pprietosanchez/CVE-2020-14750
- https://github.com/corelight/CVE-2020-14882-weblogicRCE
- https://www.rapid7.com/db/modules/exploit/multi/http/weblogic_admin_handle_rce/