BuilderTorCTPHPRAT.b / Arbitrary File Upload - RCE

Read Time:17 Second

Posted by malvuln on Mar 20

Discovery / credits: Malvuln – malvuln.com (c) 2022
Original source:
https://malvuln.com/advisory/838f67d7a4b6824ec59892057aab3bb7_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: BuilderTorCTPHPRAT.b
Vulnerability: Arbitrary File Upload – RCE
Family: TorCTPHPRAT
Type: WebUI
MD5: 838f67d7a4b6824ec59892057aab3bb7 (Webremote TorCT Client.exe)
MD5: b54822058a3ed33c673d06113b453ebe (upload.php)
Vuln ID: MVID-2022-0519…

USN-7432-1: libsoup vulnerabilities

It was discovered that libsoup could be made to read out of bounds. An attacker could possibly use this issue...

April 10, 2025

chromium-135.0.7049.84-1.fc40

FEDORA-2025-4ad8f5e805 Packages in this update: chromium-135.0.7049.84-1.fc40 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el9

FEDORA-EPEL-2025-6930d627d4 Packages in this update: chromium-135.0.7049.84-1.el9 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el10_1

FEDORA-EPEL-2025-d2ac333cd9 Packages in this update: chromium-135.0.7049.84-1.el10_1 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.fc41

FEDORA-2025-20e35f4f9f Packages in this update: chromium-135.0.7049.84-1.fc41 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

llama-cpp-b4094-11.fc42

FEDORA-2025-b356588c06 Packages in this update: llama-cpp-b4094-11.fc42 Update description: Fix bz2358011 Read More

April 10, 2025

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

SpyNote Malware Targets Android Users with Fake Google Play Pages

AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites

Operation Endgame Continues with Smokeloader Customer Arrests

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

BuilderTorCTPHPRAT.b / Arbitrary File Upload – RCE

USN-7432-1: libsoup vulnerabilities

chromium-135.0.7049.84-1.fc40

chromium-135.0.7049.84-1.el9

chromium-135.0.7049.84-1.el10_1

chromium-135.0.7049.84-1.fc41

llama-cpp-b4094-11.fc42