[Canvas] D2 Exploitation Pack 2.18, November 1, 2017

DSquare Security sales at d2sec.com
Wed Nov 1 11:41:42 UTC 2017

D2 Exploitation Pack 2.18 has been released with 4 new exploits.

This month we provide you one remote exploit for Trend Micro Data Loss 
Prevention. With our Microsoft Word DDEAUTO module you'll be able to create
docx file for client side code execution. We also added two new exploits to 

The videos for this release are available on our Youtube channel:

Don't forget to follow us: https://twitter.com/d2sec

D2 Exploitation Pack is updated each month with new exploits and tools.
For customized exploits or tools please contact us at info at d2sec.com.

For sales inquiries and orders, please contact sales at d2sec.com

DSquare Security, LLC


version 2.18 November 1, 2017

canvas_modules - Added: 
- d2sec_ddeauto: Microsoft Word DDEAUTO Code Execution Vulnerability
- d2sec_tmdlp: Trend Micro Data Loss Prevention dlpCrawlerServerInvoker Deserialization Remote Code Execution Vulnerability
- d2sec_pwnrouter:
  d2sec_videoiq_1: VideoIQ Camera Local File Disclosure Vulnerability
  d2sec_vanderbilt_1: Vanderbilt IP-Camera Local File Disclosure Vulnerability

canvas_modules - Updated:
- d2sec_avds: bug fix 

More information about the Canvas mailing list