Vulnerabilities > Helpsystems

DATE CVE VULNERABILITY TITLE RISK
2023-03-24 CVE-2022-42948 Improper Encoding or Escaping of Output vulnerability in Helpsystems Cobalt Strike 4.7.1
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components.
network
low complexity
helpsystems CWE-116
critical
9.8
2022-07-27 CVE-2021-46830 Path Traversal vulnerability in Helpsystems Goanywhere Managed File Transfer
A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client.
network
low complexity
helpsystems CWE-22
6.5
2022-04-21 CVE-2021-43708 Improper Preservation of Permissions vulnerability in Helpsystems Titus Data Classification 18.8.1910.140
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode.
local
low complexity
helpsystems CWE-281
5.5
2022-02-15 CVE-2022-23317 Improper Authentication vulnerability in Helpsystems Cobalt Strike
CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.
network
low complexity
helpsystems CWE-287
7.5
2021-08-09 CVE-2021-36798 Allocation of Resources Without Limits or Throttling vulnerability in Helpsystems Cobalt Strike 4.2/4.3
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3.
network
low complexity
helpsystems CWE-770
5.0
2019-02-08 CVE-2018-20764 Unspecified vulnerability in Helpsystems Boks 6.6.0/6.7.1
A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1.
network
low complexity
helpsystems linux
7.5