VYPR

Cobalt Strike

by HelpSystems

CVEs (2)

  • CVE-2022-39197MedKEVSep 22, 2022
    risk 0.55cvss 6.1epss 0.46

    An XSS (Cross Site Scripting) vulnerability was found in HelpSystems Cobalt Strike through 4.7 that allowed a remote attacker to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload, and then modify the…

  • CVE-2021-36798HigAug 9, 2021
    risk 0.49cvss 7.5epss 0.04

    A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.