[Canvas] D2 Exploitation Pack 2.04, September 5, 2016

DSquare Security sales at d2sec.com
Tue Sep 6 18:12:47 EDT 2016

D2 Exploitation Pack 2.04 has been released with 4 new exploits.

This month we provide you a client side exploit for Schneider Electric 
SoMachine HVAC which have been included in D2 Client Insider and a remote 
exploit for Tiki Wiki CMS Groupware.

Also you can find a new exploit for pwnrouter and a privilege escalation 
exploit for ArcServe. 

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 2.04 Sept 5, 2016

canvas_modules - Added : 
- d2sec_axeditgrid : Schneider Electric SoMachine HVAC AxEditGrid Remote Code Execution Vulnerability (Exploit Windows)
- d2sec_twiki2 : Tiki Wiki CMS Groupware Remote Code Execution Vulnerability (Web Exploit)
- d2sec_pwnrouter:
  - d2sec_3com_3 : Password disclosure vulnerability Exploit
- d2sec_execwrapper:
  -> ArcServe UDP Unquoted Service Path Privilege Escalation Exploit

canvas_modules - Updated:
- d2sec_clientinsider updated with new exploit
- d2sec_pwnrouter: 
    - d2sec_comtrend_1 : Comtrend Information Disclosure Vulnerability Improvements

d2sec_modules - Updated:
- d2sec_gist: improvments and bug fixes

More information about the Canvas mailing list