From sales at d2sec.com  Sun Jun  2 20:35:35 2019
From: sales at d2sec.com (DSquare Security)
Date: Sun, 2 Jun 2019 15:35:35 -0500
Subject: [Canvas] D2 Exploitation Pack 2.37, June 3, 2019
Message-ID: <20190602203535.GA16933@d2sec.com.theplanet.host>

D2 Exploitation Pack 2.37 has been released with 4 new exploits.

This month we provide you one remote exploit for Citrix SD-WAN and two ones for 
Teltonika Router. We also added one new exploit to pwnrouter.


Don't forget to follow us: https://twitter.com/d2sec


D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

--
DSquare Security, LLC
Website: https://www.d2sec.com
Twitter: https://twitter.com/d2sec
YouTube: https://www.youtube.com/user/dsquaresecurity


Changelog:

version 2.37 June 3, 2019
------------------------------

canvas_modules - Added: 
- d2sec_netscaler2: Citrix SD-WAN Center Remote Code Execution Vulnerability
- d2sec_teltonika: Teltonika Router RUT9XX Remote Command Execution Vulnerability
- d2sec_teltonika2: Teltonika Router RUT9XX hotspotlogin.cgi Remote Command Execution Vulnerability
- d2sec_pwnrouter:
  d2sec_netgear_8: Netgear DGN2200/DGND3700 Credentials Disclosure Vulnerability
  

From admin at vulndisco.cc  Wed Jun  5 10:37:04 2019
From: admin at vulndisco.cc (Evgeny Legerov)
Date: Wed, 05 Jun 2019 10:37:04 -0000
Subject: [Canvas] VulnDisco Pack Professional 10.67
Message-ID: <62a0c48a-51d0-ed34-f9be-2ef384dcb18e@vulndisco.cc>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi list,

I am glad to announce that Vulndisco 10.67 has been released.
This update contains new WhatsApp 0day exploit.

regards,
- -evgeny
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJc95tGAAoJEPHiK/cZdSp45f0P/1azRMBGMDphu/tos/hXHNmv
4/2LBjiKsBINfgrJ9qJ7YK+Y0fEsxNEwLKcL56ejkD+MeX/OyL96m8w0h76wnz4L
OHIOBO6dZgL0Qap6KoVJ6LNNsoUo04Wrsn8F9/2XLdx/y5jA2YamSf/4KVg8cguC
OfOloouSUZR4a9t2tcKsAmBtcOlbXdHMnRXfGYPjlf+GEu4HcIG3lHVfRA8gpCM/
804BhGlwbTTxMb7wzlaEvPIEO7OBKwDpXbKu5d9EnTEVuTQjYYa0PWEvYfKpqsP4
PQmzxow+2c25+xjNCIDFzJlrsELFUNDWgETU5eyG1bSrUArR0qZaUlfL6+gmjE8k
VAbtmEXT1ZUUHBkebXSBZTpZfoJrgYfIfVwfC/YVqx/NMzeydSLpySRAoFfXZTLH
I2603hOTNo4muEw3RgYxoMcDI80tpIwMcMpa5/A9YcxIVAERiQWwG6cYOS+kN5UR
4xtUHDWsrT6A0ViZV+lr+ISDvJFhtbn+3ktHaR160w0h7urkXr985gclokTKSq+Q
2iFp5AXQuGTlDHd1cecUJaCNtwuJZRNHsDS7PQtv1Nnr848tH5qf//zMEVxPxnr+
YH2j4CS55EG0zGB4J5mesVCLAfu/zWC1KfAupnVmsYgkuxuf77m8orNy3ZoleK/8
jvXdBTNfuo+HVSUamMd0
=8Olh
-----END PGP SIGNATURE-----

From audit at gleg.net  Thu Jun 27 13:19:23 2019
From: audit at gleg.net (Yuriy Gurkin)
Date: Thu, 27 Jun 2019 13:19:23 -0000
Subject: [Canvas] MedPack 1.30 is out
Message-ID: <CAGZXBLju2YvxfuawVQNeKv4YQNHf1k4agY5h-mdSeZ97npaiTA@mail.gmail.com>

Hi, List,

1.30 ver. of MedPack contains 1 module. List:

- JVSdicom Server Remote Denial Of Service [1Day]

Happy pentesting,
Gleg`s Security team <http://gleg.net/>
Follow us on Twitter: GlegExploitPack <https://twitter.com/GlegExploitPack>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/canvas/attachments/20190627/99d9f96e/attachment.html>

From audit at gleg.net  Thu Jun 27 13:18:13 2019
From: audit at gleg.net (Yuriy Gurkin)
Date: Thu, 27 Jun 2019 13:18:13 -0000
Subject: [Canvas] SCADA+ pack 1.91 is out
Message-ID: <CAGZXBLiiPuOVQdF=1KrBT1srQ1jj-zwvGtdSzWLA0GqtR0E2Tw@mail.gmail.com>

Hi, List,

1.91 ver. of SCADA+ contains 4 modules. List:

- AGG Software OPC HTTP Gateway Premium Directory Traversal [1Day]
- AGG Software OPC Scada Viewer Directory Traversal [1Day]
- Inductive Automation Ignition 7.6.4 XXE [1Day]
- Inductive Automation Ignition 7.5.4 XML External Entity [1Day]

Happy pentesting,
Gleg`s Security team <http://gleg.net/>
Follow us on Twitter: GlegExploitPack <https://twitter.com/GlegExploitPack>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/canvas/attachments/20190627/2030a1b3/attachment.html>

From audit at gleg.net  Thu Jun 27 13:17:05 2019
From: audit at gleg.net (Yuriy Gurkin)
Date: Thu, 27 Jun 2019 13:17:05 -0000
Subject: [Canvas] DefPack pack 1.44 is out
Message-ID: <CAGZXBLhnGqHp0tH0kqGSBReo5nsYcZ2z=B11rFYj0AHPrUphNA@mail.gmail.com>

Hi, List,

1.44 ver. of DefPack contains 3 modules. List:

- Cisco RV130W 1.0.3.44  Denial Of Service. CVE-2019-1663
- AXIS M1125 Remote Command Execution. CVE-2015-8257
- Actiontec WEB6000Q WiFi Network Extender Denial of Service. public

Gleg`s Security team <http://gleg.net/>
Follow us on Twitter: GlegExploitPack <https://twitter.com/GlegExploitPack>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/canvas/attachments/20190627/14fe14e3/attachment.html>

From audit at gleg.net  Thu Jun 27 13:02:54 2019
From: audit at gleg.net (Yuriy Gurkin)
Date: Thu, 27 Jun 2019 13:02:54 -0000
Subject: [Canvas] Agora pack 2.90 is out
Message-ID: <CAGZXBLgvi5XKpwUJrOGMe+CvZEkX6U7GcfRbhS3YXZjbCqDtkg@mail.gmail.com>

Hi, List,

2.90 ver. of Agora contains 2 modules. List:

- KONE elevator groups controlling software Directory Traversal.
CVE-2018-15486
- most of windows platforms Remote Desktop Denial of Service. public.

Happy pentesting,
Gleg`s Security team <http://gleg.net/>
Follow us on Twitter: GlegExploitPack <https://twitter.com/GlegExploitPack>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/canvas/attachments/20190627/81500df4/attachment.html>