CVE-2024-46888 [CRITICAL] :

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. This could allow an authenticated remote attacker to manipulate arbitrary files on the filesystem and achieve arbitrary code execution on the device.

N7W Era Penetration Testing Notes

cheatsheet
exploit

I have gathered these notes from lots of sources on the internet, such as OSCP guides, enumeration guides and books. If you see any content that you wrote and I haven't credited you, please let me know and I will add it.

Visit Website

Listed: Mon Nov 13 2023