Helpsystems

helpsystems

7 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Titus Data Classification

titus_data_classification

Goanywhere Managed File Transfer

goanywhere_managed_file_transfer

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-42948 1Helpsystems 1Cobalt Strike Nov 3, 2025 Mar 24, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
CVE-2022-39197 1Helpsystems 1Cobalt Strike Nov 3, 2025 Sep 22, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first...Show more An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).Show less
CVE-2021-46830 1Helpsystems 1Goanywhere Managed File Transfer Nov 21, 2024 Jul 27, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a...Show more A path traversal vulnerability exists within GoAnywhere MFT before 6.8.3 that utilize self-registration for the GoAnywhere Web Client. This vulnerability could potentially allow an external user who self-registers with a specific username and/or profile information to gain access to files at a higher directory level than intended.Show less
CVE-2021-43708 1Helpsystems 1Titus Data Classification Nov 21, 2024 Apr 21, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the generation of a classification label by using Excel's safe mode.
CVE-2022-23317 1Helpsystems 1Cobalt Strike Nov 21, 2024 Feb 15, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.
CVE-2021-36798 1Helpsystems 1Cobalt Strike Nov 21, 2024 Aug 9, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.
CVE-2018-20764 1Helpsystems 1Boks Nov 21, 2024 Feb 8, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.