5 matches found
Path traversal
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker service that is installed as part of the product. By issuing specific HTTP requests, if a user visits a...
Samsung Security Manager 1.5 ActiveMQ Broker Service remote code execution vulnerability
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution",...
Samsung Security Manager 1.4 ActiveMQ Broker Service PUT Method Remote Code Execution
This is an exploit against Samsung Security Manager that bypasses the patch in ZDI-15-156 & ZDI-16-481 by exploiting the vulnerability against the client-side. This exploit has been tested successfully using IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerab...
SRC-2016-0031 : Samsung Security Manager ActiveMQ Broker Service MOVE Method Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...
Samsung Security Manager ActiveMQ Broker Service Remote Code Execution Vulnerability
Samsung Security Manager SSM is the central management platform for a set of recording devices. A remote code execution vulnerability in the ActiveMQ Broker service of SSM allows remote attackers to create arbitrary files on the server and execute arbitrary code with SYSTEM user privileges by...