[Canvas] D2 Exploitation Pack 1.82, November 5 2014

DSquare Security sales at d2sec.com
Wed Nov 5 19:16:21 EST 2014

D2 Exploitation Pack 1.82 has been released with 3 new exploits and 
one new tool.

This month we provide you a remote code execution exploit for 
ManageEngine Desktop Central and another one for ManageEngine 
EventLog Analyzer.

Also you can find a tool for JBoss JMXInvokerServlet exploitation and 
one new exploit for pwnrouter.

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 1.82 Nov 05, 2014

canvas_modules - Added : 
- d2sec_desktopcentral2 : ManageEngine Desktop Central 9.0.0 Arbitrary File Upload Remote Code Execution Vulnerability (Web Exploit)
- d2sec_eventlog : ManageEngine EventLog Analyzer 9.9 File Upload Remote Code Execution Vulnerability (Web Exploit)
- d2sec_pwnrouter:
  - Compal Broadband Networks CH6640 and CH6640E Sensitive Information Disclosure

d2sec_modules - Added
- d2sec_twiddle : Tool to use when the Jboss JMXInvokerServlet invoker is up without authentication

More information about the Canvas mailing list