Category Archives: Advisories

Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution

Read Time:20 Second

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 31745 and 1030. Adversaries
who can reach infected hosts can run commands made available by the…

Read More

Backdoor.Win32.Bushtrommel.122 / Authentication Bypass

Read Time:20 Second

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/76c09bc82984c7f7ef55eb13018e0d87.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Bushtrommel.122
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 31745 runs an ftp server on
port 1030. Attackers who can reach infected systems can logon using any
username/password…

Read More

Backdoor.Win32.Jokerdoor / Remote Stack Buffer Overflow

Read Time:20 Second

Posted by malvuln on Aug 04

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Jokerdoor
Vulnerability: Remote Stack Buffer Overflow
Description: The malware listens on TCP port 27374. Attackers who can reach
an infected system can send a large payload and trigger a classic stack
buffer overflow…

Read More