7 matches found
Schneider Electric Pelco Endura Authentication Bypass (CVE-2019-6814)
An authentication bypass vulnerability exists in Schneider Electric Pelco Endura. This allows remote attackers to perform administrative actions without authentication...
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable t...
Schneider Electric Pelco Endura NET55XX Encoder
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Schneider Electric Pelco Endura NET55XX Encoder", 'Description' = %q This module exploits inadequate access controls within the webUI to enable...
Schneider Electric Pelco Endura NET55XX Encoder
This module exploits inadequate access controls within the webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NET5504, NET5500, NET5516, NET550 versions. This module requires Metasploit:...
CVE-2019-6814
creationtimestamp| type| source ---|---|--- 2019-05-22 20:48:28+00:00| seen| https://t.me/cvemitreorg/167 2019-07-22 19:56:03+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/schneiderelectricnet55xxencoder.rb 2019-07-29 00:00:00+00:00| exploited|...
CVE-2019-6814
CVE-2019-6814 affects Schneider Electric Pelco Endura NET55XX Encoder families with firmware versions prior to 2.1.9.7, due to CWE-287 Improper Authentication. A remote attacker could craft a malicious request to the encoder webUI, leading to an authentication bypass impacting confidentiality, in...