The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials.

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia.

This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary.

This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2.

Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities.

Extreme Networks Aerohive HiveOS versions 11.x and below remote denial of service exploit. An unauthenticated malicious user can trigger a denial of service (DoS) attack when sending specific application layer packets towards the Aerohive NetConfig UI. This proof of concept exploit renders the application unusable for 305 seconds or 5 minutes with a single HTTP request using the action.php5 script calling the CliWindow function thru the _page parameter, denying access to the web server hive user interface.

qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution.

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong to webmin application should be used. The module has been tested successfully with Webmin version 1.900 over Debian 4.9.18.

devolo dLAN 550 duo+ version 3.1.0-1 suffers from a remote code execution vulnerability. The devolo firmware has what seems to be a 'hidden' services which can be enabled by authenticated attacker via the the htmlmgr CGI script. This allows the attacker to start services that are deprecated or discontinued and achieve remote arbitrary code execution with root privileges.

An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

Paris Region has kept its fDi European Region of the Future title, while Dublin Region holds on to second place and North Rhine-Westphalia is in third. 

A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country.

On July 1, Public Service of New Mexico filed a plan with regulators in the state for how it plans to get to a 100 percent emission-free power by 2040. The utility reviewed four scenarios, all of which involved the early retirement of the San Juan Coal Plant, to arrive at its recommended path forward.

Last week, the Hawaiian Electric Companies began Hawai‘i’s largest procurement effort for renewable energy resources to end the use of coal and reduce reliance on imported oil for power generation, moving the state closer to its goal of using 100 percent renewable energy by 2045.

While solar roads have been criticized as impractical and inefficient, a Georgia foundation says they will continue to be part of its research lab for greener highways.

On July 1, Public Service of New Mexico filed a plan with regulators in the state for how it plans to get to a 100 percent emission-free power by 2040. The utility reviewed four scenarios, all of which involved the early retirement of the San Juan Coal Plant, to arrive at its recommended path forward.

While solar roads have been criticized as impractical and inefficient, a Georgia foundation says they will continue to be part of its research lab for greener highways.

American Municipal Power and the city of Hamilton held a dedication ceremony for the 105-MW Meldahl hydroelectric plant on June 2.

Developer SN Aboitiz Power-Ifugao has said it remains committed to developing the 390-MW Alimit hydropower project in the Philippines, pending consent from indigenous groups impacted by its construction.

A pair of applications filed by the Klamath River Renewal Corporation today with the Federal Energy Regulatory Commission puts into official motion a long-standing plan to remove four hydroelectric plants on the Klamath River.

On July 1, Public Service of New Mexico filed a plan with regulators in the state for how it plans to get to a 100 percent emission-free power by 2040. The utility reviewed four scenarios, all of which involved the early retirement of the San Juan Coal Plant, to arrive at its recommended path forward.

Last week, the Hawaiian Electric Companies began Hawai‘i’s largest procurement effort for renewable energy resources to end the use of coal and reduce reliance on imported oil for power generation, moving the state closer to its goal of using 100 percent renewable energy by 2045.

Presentation by Jeff Duce of Boeing

Presentation by Eric Malo of Research In Motion

The United States is in a good place in terms of energy, explained former Secretary of the Interior Ken Salazar during a keynote session at the MIT Energy Conference in Cambridge, Mass. Oil imports are the lowest since 1991 at 40 percent, carbon emissions are slowly dwindling, Salazar said, and the U.S. is making these positive improvements due to four cornerstones of progress.

A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country.

On July 1, Public Service of New Mexico filed a plan with regulators in the state for how it plans to get to a 100 percent emission-free power by 2040. The utility reviewed four scenarios, all of which involved the early retirement of the San Juan Coal Plant, to arrive at its recommended path forward.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.