remote rConfig 3.9.4 searchField Remote Code Execution By packetstormsecurity.com Published On :: Sat, 28 Mar 2020 14:30:26 GMT rConfig version 3.9.4 searchField unauthenticated remote root code execution exploit. Full Article
remote Vesta Control Panel Authenticated Remote Code Execution By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 19:03:23 GMT This Metasploit module exploits command injection vulnerability in v-list-user-backups bash script file. Low privileged authenticated users can execute arbitrary commands under the context of the root user. An authenticated attacker with a low privileges can inject a payload in the file name starts with dot. During the user backup process, this file name will be evaluated by the v-user-backup bash scripts. As result of that backup process, when an attacker try to list existing backups injected payload will be executed. Full Article
remote Vesta Control Panel Authenticated Remote Code Execution By packetstormsecurity.com Published On :: Tue, 14 Apr 2020 15:50:37 GMT This Metasploit module exploits an authenticated command injection vulnerability in the v-list-user-backups bash script file in Vesta Control Panel to gain remote code execution as the root user. Full Article
remote TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:58:49 GMT This Metasploit module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side of the router, but the attacker does not need any authentication to abuse it. After exploitation, an attacker will be able to execute any command as root, including downloading and executing a binary from another host. This vulnerability was discovered and exploited at Pwn2Own Tokyo 2019 by the Flashback team. Full Article
remote Liferay Portal Java Unmarshalling Remote Code Execution By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:57:25 GMT This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1. Full Article
remote Nexus Repository Manager 3.21.1-01 Remote Code Execution By packetstormsecurity.com Published On :: Thu, 16 Apr 2020 15:37:25 GMT This Metasploit module exploits a Java Expression Language (EL) injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01. Full Article
remote netkit-telnet 0.17 Remote Code Execution By packetstormsecurity.com Published On :: Thu, 05 Mar 2020 20:57:43 GMT netkit-telnet version 0.17 telnetd on Fedora 31 BraveStarr remote code execution exploit. Full Article
remote Sagemcom Fast 3890 Remote Code Execution By packetstormsecurity.com Published On :: Tue, 14 Jan 2020 15:51:01 GMT This exploit uses the Cable Haunt vulnerability to open a shell for the Sagemcom F@ST 3890 (50_10_19-T1) cable modem. The exploit serves a website that sends a malicious websocket request to the cable modem. The request will overflow a return address in the spectrum analyzer of the cable modem and using a rop chain start listening for a tcp connection on port 1337. The server will then send a payload over this tcp connection and the modem will start executing the payload. The payload will listen for commands to be run in the eCos shell on the cable modem and redirect STDOUT to the tcp connection. Full Article
remote Yes, You Can Remotely Hack Factory, Building Site Cranes. Wait, What? By packetstormsecurity.com Published On :: Wed, 16 Jan 2019 13:35:32 GMT Full Article headline hacker flaw scada
remote NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download By packetstormsecurity.com Published On :: Tue, 23 Jan 2018 04:51:52 GMT NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file 'config.gz' or 'config.pcpx' that contains the unencrypted data file 'conf.pcpn', can be downloaded by an attacker from the root directory if previously generated by a privileged user. Full Article
remote NagiosXI 5.6 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:30:28 GMT This is a whitepaper tutorial that walks through creating a proof of concept exploit for a remote command execution vulnerability in NagiosXI version 5.6. Full Article
remote Symantec Web Gateway 5.0.2.8 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:33:55 GMT This is a whitepaper tutorial that walks through creating a proof of concept exploit for a pre-authentication remote command execution vulnerability in Symantec Web Gateway version 5.0.2.8. Full Article
remote NagiosXI 5.6.11 Remote Command Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:36:48 GMT This is a whitepaper tutorial that describes steps taken to identify post-authentication remote command execution vulnerabilities in NagiosXI version 5.6.11. Full Article
remote ManageEngine 14 Remote Code Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:39:26 GMT This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14. Full Article
remote Symantec Web Gateway 5.0.2.8 Remote Code Execution By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:44:54 GMT This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in Symantec Web Gateway version 5.0.2.8. Full Article
remote Blind CreateRemoteThread Privilege Escalation By packetstormsecurity.com Published On :: Mon, 04 May 2020 17:21:40 GMT Whitepaper called Blind CreateRemoteThread Privilege Escalation. Full Article
remote Oracle WebLogic 12.1.2.0 Remote Code Execution By packetstormsecurity.com Published On :: Mon, 09 Jul 2018 13:11:11 GMT Oracle WebLogic version 12.1.2.0 RMI registry UnicastRef object java deserialization remote code execution exploit. Full Article
remote IQrouter 3.3.1 Remote Code Execution By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 13:52:30 GMT IQrouter firmware version 3.3.1 suffers from a remote code execution vulnerability. Full Article
remote NSClient++ 0.5.2.35 Authenticated Remote Code Execution By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:03:42 GMT NSClient++ version 0.5.2.35 suffers from an authenticated remote code execution vulnerability. Full Article
remote Edimax EW-7438RPn 1.13 Remote Code Execution By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:36:26 GMT Edimax EW-7438RPn version 1.13 suffers from a remote code execution vulnerability. Full Article
remote Furukawa Electric ConsciusMAP 2.8.1 Java Deserialization Remote Code Execution By packetstormsecurity.com Published On :: Fri, 24 Apr 2020 14:40:45 GMT Furukawa Electric ConsciusMAP version 2.8.1 java deserialization remote code execution exploit. Full Article
remote School ERP Pro 1.0 Remote Code Execution By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:32:10 GMT School ERP Pro version 1.0 suffers from a remote code execution vulnerability. Full Article
remote Open-AudIT Professional 3.3.1 Remote Code Execution By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:43:06 GMT Open-AudIT Professional version 3.3.1 suffers from a remote code execution vulnerability. Full Article
remote SimplePHPGal 0.7 Remote File Inclusion By packetstormsecurity.com Published On :: Tue, 05 May 2020 20:49:23 GMT SimplePHPGal version 0.7 suffers from a remote file inclusion vulnerability. Full Article
remote Saltstack 3000.1 Remote Code Execution By packetstormsecurity.com Published On :: Tue, 05 May 2020 20:59:22 GMT Saltstack version 3000.1 suffers from a remote code execution vulnerability. Full Article
remote ManageEngine Asset Explorer Windows Agent Remote Code Execution By packetstormsecurity.com Published On :: Fri, 08 May 2020 19:56:17 GMT The ManageEngine Asset Explorer windows agent suffers form a remote code execution vulnerability. All versions prior to 1.0.29 are affected. Full Article
remote Cisco UCS Director Unauthenticated Remote Code Execution By packetstormsecurity.com Published On :: Mon, 02 Sep 2019 18:11:07 GMT The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one, CVE-2019-1936, is a command injection in a password change form, that allows the attacker to inject commands that will execute as root. This module combines both vulnerabilities to achieve the unauthenticated command injection as root. It has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products. Full Article
remote Cisco Content Security Virtual Appliance M380 IronPort Remote Cross Site Host Modification By packetstormsecurity.com Published On :: Mon, 09 Sep 2019 23:12:10 GMT Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit. Full Article
remote Cisco Discovery Protocol (CDP) Remote Device Takeover By packetstormsecurity.com Published On :: Wed, 05 Feb 2020 17:05:56 GMT Armis has discovered five critical, zero-day vulnerabilities in various implementations of the Cisco Discovery Protocol (CDP) that can allow remote attackers to completely take over devices. Full Article
remote Cisco Data Center Network Manager 11.2 Remote Code Execution By packetstormsecurity.com Published On :: Thu, 06 Feb 2020 17:45:40 GMT Cisco Data Center Network Manager version 11.2 remote code execution exploit. Full Article
remote Nanometrics Centaur / TitanSMA Unauthenticated Remote Memory Leak By packetstormsecurity.com Published On :: Mon, 17 Feb 2020 17:43:13 GMT An information disclosure vulnerability exists when Centaur and TitanSMA fail to properly protect critical system logs such as 'syslog'. Additionally, the implemented Jetty version (9.4.z-SNAPSHOT) suffers from a memory leak of shared buffers that was (supposedly) patched in Jetty version 9.2.9.v20150224. Full Article
remote GitLab Awards Researcher $20,000 For Remote Code Execution Bug By packetstormsecurity.com Published On :: Wed, 29 Apr 2020 15:28:19 GMT Full Article headline hacker flaw patch
remote PHP imap_open Remote Code Execution By packetstormsecurity.com Published On :: Wed, 28 Nov 2018 01:52:56 GMT The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials. Full Article
remote Nagios XI Authenticated Remote Command Execution By packetstormsecurity.com Published On :: Tue, 10 Mar 2020 13:17:29 GMT This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI. Full Article
remote Samsung Android Remote Code Execution By packetstormsecurity.com Published On :: Fri, 08 May 2020 20:12:41 GMT Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia. Full Article
remote HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution By packetstormsecurity.com Published On :: Wed, 04 Sep 2013 03:19:31 GMT This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary. Full Article
remote HP Data Protector Encrypted Communication Remote Command Execution By packetstormsecurity.com Published On :: Tue, 07 Jun 2016 07:51:36 GMT This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2. Full Article
remote Transferable Remote 1.1 XSS / LFI / Command Injection By packetstormsecurity.com Published On :: Wed, 13 Feb 2013 03:00:01 GMT Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities. Full Article
remote qdPM Remote Code Execution By packetstormsecurity.com Published On :: Fri, 28 Feb 2020 22:43:25 GMT qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution. Full Article
remote Cacti 1.2.8 Unauthenticated Remote Code Execution By packetstormsecurity.com Published On :: Mon, 02 Mar 2020 15:42:06 GMT graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege. Full Article
remote Centreon Poller Authenticated Remote Command Execution By packetstormsecurity.com Published On :: Wed, 18 Mar 2020 15:30:58 GMT This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target. Full Article
remote IBM Data Risk Manager 2.0.3 Remote Code Execution By packetstormsecurity.com Published On :: Tue, 05 May 2020 21:12:14 GMT IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too. Full Article
remote Webmin 1.900 Remote Command Execution By packetstormsecurity.com Published On :: Fri, 18 Jan 2019 14:44:44 GMT This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong to webmin application should be used. The module has been tested successfully with Webmin version 1.900 over Debian 4.9.18. Full Article
remote devolo dLAN 550 duo+ 3.1.0-1 Starter Kit Remote Code Execution By packetstormsecurity.com Published On :: Tue, 05 Feb 2019 02:33:18 GMT devolo dLAN 550 duo+ version 3.1.0-1 suffers from a remote code execution vulnerability. The devolo firmware has what seems to be a 'hidden' services which can be enabled by authenticated attacker via the the htmlmgr CGI script. This allows the attacker to start services that are deprecated or discontinued and achieve remote arbitrary code execution with root privileges. Full Article
remote Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution By packetstormsecurity.com Published On :: Fri, 26 Apr 2019 21:01:11 GMT An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability. Full Article
remote D-Link DIR-859 Unauthenticated Remote Command Execution By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 16:26:01 GMT D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials. Full Article
remote Hackers Target Remote Workers With Fake Zoom Downloader By packetstormsecurity.com Published On :: Mon, 04 May 2020 15:37:16 GMT Full Article headline hacker privacy malware fraud
remote New Remote Bug in OpenSSH v3.3 and Below By packetstormsecurity.com Published On :: Mon, 24 Jun 2002 08:34:07 GMT Full Article ssh
remote Remote Chinese region looks to set new clean-power record By feedproxy.google.com Published On :: 2019-06-12T14:43:03Z A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country. Full Article Onshore News Utility Scale Wind Power
remote Remote Chinese region looks to set new clean-power record By feedproxy.google.com Published On :: 2019-06-12T14:43:03Z A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country. Full Article Onshore News Utility Scale Wind Power