Lucene search
K

19 matches found

Metasploit
Metasploit
added 4 days ago10 views

FTP Fetch

Fetch and execute an ARMLE payload from an FTP server. Module Options msf use payload/cmd/linux/ftp/armle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show and...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago11 views

FTP Fetch, Linux dup2 Command Shell, Bind TCP Stager

Fetch and execute an ARMLE payload from an FTP server. dup2 socket in r12, then execve. Listen for a connection Module Options msf use payload/cmd/linux/ftp/armle/shell/bindtcp msf payloadbindtcp show actions ...actions... msf payloadbindtcp set ACTION msf payloadbindtcp show options ...show and...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago15 views

FTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from an FTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/ftp/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show and...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

FTP Fetch, Linux Add User

Fetch and execute an ARMLE payload from an FTP server. Create a new user with UID 0 Module Options msf use payload/cmd/linux/ftp/armle/adduser msf payloadadduser show actions ...actions... msf payloadadduser set ACTION msf payloadadduser show options ...show and set options... msf payloadadduser...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago14 views

FTP Fetch, Linux Execute Command

Fetch and execute an ARMLE payload from an FTP server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/ftp/armle/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf...

6.2AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-17188

Malware in sbrugna...

9.8CVSS9.5AI score0.03766EPSS
Exploits1References5
NVD
NVD
added 2019/07/03 8:15 p.m.27 views

CVE-2017-13719

The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...

9.8CVSS9.9AI score0.0446EPSS
Exploits1References3
NVD
NVD
added 2019/07/03 8:15 p.m.25 views

CVE-2017-8226

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...

9.8CVSS9.4AI score0.03766EPSS
Exploits1References3
Prion
Prion
added 2019/07/03 8:15 p.m.13 views

Hardcoded credentials

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...

7.5CVSS9.3AI score0.03766EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2019/07/03 8:15 p.m.18 views

Authentication flaw

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt is performed using the ONVIF specification which...

5CVSS9.6AI score0.04111EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/07/03 7:40 p.m.28 views

CVE-2017-13719

The Amcrest IPM-721S AmcrestIPC-AWXXEngNV2.420.AC00.17.R.20170322 allows HTTP requests that permit enabling various functionalities of the camera by using HTTP APIs, instead of the web management interface that is provided by the application. This HTTP API receives the credentials as base64 encod...

10AI score0.0446EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/03 7:33 p.m.16 views

CVE-2017-8227

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have a timeout policy to wait for 5 minutes in case 30 incorrect password attempts are detected using the Web and HTTP API interface provided by the device. However, if the same brute force attempt is performed using the ONVIF specification which...

9.8AI score0.04111EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/03 7:25 p.m.27 views

CVE-2017-8226

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...

9.5AI score0.03766EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 7:15 p.m.14 views

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.3CVSS9AI score0.0585EPSS
Exploits1References3
Prion
Prion
added 2019/07/02 7:15 p.m.21 views

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

10CVSS9.7AI score0.07667EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/02 6:47 p.m.13 views

CVE-2017-8404

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the POST parameters passed in this request to test if email credentials and hostname sent to the device work...

9.8AI score0.07667EPSS
Exploits1References3
NVD
NVD
added 2019/07/02 4:15 p.m.19 views

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

10CVSS9.8AI score0.05123EPSS
Exploits1References2
Prion
Prion
added 2019/07/02 4:15 p.m.22 views

Command injection

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

10CVSS9.7AI score0.05123EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/07/02 3:46 p.m.20 views

CVE-2017-8408

An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the capability of setting a SMB folder for the video clippings recorded by the device. It seems that the GET parameters passed in this request to test if SMB credentials and hostname sent to the device work proper...

9.8AI score0.05123EPSS
Exploits1References2
Rows per page
Query Builder