logo
DATABASE RESOURCES PRICING ABOUT US

smb-vuln-webexec NSE Script

Description

A critical remote code execution vulnerability exists in WebExService (WebExec). ### See also: * [ smb-webexec-exploit.nse ](<../scripts/smb-webexec-exploit.html>) ## Script Arguments #### smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername See the documentation for the [smbauth](<../lib/smbauth.html#script-args>) library. #### randomseed, smbbasic, smbport, smbsign See the documentation for the [smb](<../lib/smb.html#script-args>) library. #### vulns.short, vulns.showall See the documentation for the [vulns](<../lib/vulns.html#script-args>) library. ## Example Usage nmap --script smb-vuln-webexec --script-args smbusername=<username>,smbpass=<password> -p445 <host> ## Script Output PORT STATE SERVICE REASON 445/tcp open microsoft-ds syn-ack | smb-vuln-webexec: | VULNERABLE: | Remote Code Execution vulnerability in WebExService | State: VULNERABLE | IDs: CVE:CVE-2018-15442 | Risk factor: HIGH | A critical remote code execution vulnerability exists in WebExService (WebExec). | Disclosure date: 2018-10-24 | References: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15442 | https://blog.skullsecurity.org/2018/technical-rundown-of-webexec |_ https://webexec.org ## Requires * [msrpc](<../lib/msrpc.html>) * [string](<>) * [shortport](<../lib/shortport.html>) * [smb](<../lib/smb.html>) * [stdnse](<../lib/stdnse.html>) * [vulns](<../lib/vulns.html>) * [rand](<../lib/rand.html>) * [stringaux](<../lib/stringaux.html>) * * *


Related