Lucene search
K

9 matches found

Rapid7 Blog
Rapid7 Blog
added 2023/05/05 6:48 p.m.123 views

Metasploit Weekly Wrap-Up

Throw another log file on the fire Our own Stephen Fewer authored a module targeting CVE-2023-26360 affecting ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier. The vulnerability allows multiple paths to code execution, but our module works by leveraging a...

10CVSS8.3AI score0.97339EPSS
Exploits23
0day.today
0day.today
added 2023/04/08 12:0 a.m.219 views

Icinga Web 2.10 - Arbitrary File Disclosure Exploit

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...

7.5CVSS7.7AI score0.89378EPSS
Exploits8
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.354 views

Icinga Web 2.10 - Arbitrary File Disclosure

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...

7.5CVSS7.7AI score0.89378EPSS
Exploits8
GithubExploit
GithubExploit
added 2023/03/27 2:22 a.m.659 views

Exploit for Path Traversal in Icinga Icinga_Web_2

CVE-2022-24716 Arbitrary File Disclosure Vulnerability in Ici...

7.5CVSS7.5AI score0.89378EPSS
Exploits8
GithubExploit
GithubExploit
added 2023/03/26 1:3 a.m.300 views

Exploit for Path Traversal in Icinga Icinga_Web_2

CVE-2022-24716 Exploit for the vulnerability: Arbitrary File...

7.5CVSS7.6AI score0.89378EPSS
Exploits8
NCSC
NCSC
added 2022/03/09 12:0 a.m.8 views

Vulnerabilities fixed in Icinga Web 2

Several vulnerabilities have been fixed in Icinga Web 2. The vulnerability with the attribute CVE-2022-24716 allows an unauthenticated malicious party to use a path-traversal to obtain to obtain files that may contain database credentials. The vulnerabilities with attributes CVE-2022-24714 and...

8.8CVSS6.8AI score0.89378EPSS
Exploits13
Circl
Circl
added 2022/03/08 10:40 p.m.30 views

CVE-2022-24716

creationtimestamp| type| source ---|---|--- 2022-03-08 22:40:55+00:00| seen| https://t.me/cibsecurity/38556 2023-03-21 09:01:04+00:00| published-proof-of-concept| https://t.me/dilagrafie/2612 2023-03-21 11:01:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7967...

7.5CVSS7.1AI score0.89378EPSS
In wildExploits8References8
Vulnrichment
Vulnrichment
added 2022/03/08 12:0 a.m.7 views

CVE-2022-24716 Path traversal in Icinga Web 2

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolv...

7.5CVSS7.3AI score0.89378EPSS
Exploits8References4
CVE
CVE
added 2022/03/08 12:0 a.m.181 views

CVE-2022-24716

CVE-2022-24716 affects Icinga Web 2: Unauthenticated arbitrary file disclosure via directory traversal in the web interface, exposed through the icinga-php-thirdparty/library paths. Root cause: directory traversal allowing access to local files (e.g., icingaweb2 config with DB credentials). Impac...

7.5CVSS7.3AI score0.89378EPSS
In wildExploits8References4Affected Software1
Rows per page
Query Builder