Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation Vulnerabilities

Exploit for hardware platform in category remote exploits Title: Infoblox NetMRI Administration Shell Escape and Privilege Escalation Advisory ID: KL-001-2017-017 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-017.txt 1. Vulnerability...

Infoblox NetMRI VM-AD30-5C6CE Factory Reset Persistence Vulnerability

Exploit for hardware platform in category remote exploits Title: Infoblox NetMRI Administration Shell Factory Reset Persistence Advisory ID: KL-001-2017-018 Publication Date: 2017.10.24 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-018.txt 1. Vulnerability Details...

CVE-2016-6484

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf...

CVE-2016-6484

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf...

Crlf injection

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf...

Infoblox Network Automation NetMRI Anyterm Daemon Arbitrary Command Execution Vulnerability

Infoblox Network Automation NetMRI is a suite of automated network configuration and change management software from Infoblox USA. The software has the ability to automate the review and analysis of network changes using built-in expert topics. A security vulnerability exists in Infoblox Network...

CVE-2014-3418

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

Design/Logic Flaw

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

Default credentials

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors...

CVE-2014-3419

Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors...

CVE-2014-3418

config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter...

CVE-2014-3419

CVE-2014-3419 concerns Infoblox NetMRI prior to 6.8.5, where a weak local MySQL credential (default root: root) enables an authenticated OS user to access databases, enabling OS command injection through the affected NetMRI components. Connected sources confirm vulnerable product families include...

Infoblox NetMRI < 6.8.5 OS Command Injection Vulnerability - Active Check

Infoblox NetMRI is prone to an OS command injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Infoblox NetMRI Detection (HTTP)

HTTP based detection of Infoblox NetMRI. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.103575"...

Infoblox NetMRI Multiple XSS Vulnerabilities (Nov 2011)

Infoblox NetMRI is prone to multiple cross-site scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources,...

CVE-2011-5178

Multiple cross-site scripting XSS vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 eulaAccepted or 2 mode parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 eulaAccepted or 2 mode parameter...

CVE-2011-5178

Multiple cross-site scripting XSS vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 eulaAccepted or 2 mode parameter...

[FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting &#40;XSS&#41; vulnerabilities

============================================================ FOREGROUND SECURITY, SECURITY ADVISORY 2011-004 - Original release date: November 10, 2011 - Discovered by: Jose Carlos de Arriba - Senior Security Analyst at Foreground Security - Contact: jcarriba at foregroundsecurity dot com, dade a...

Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities

Infoblox NetMRI 6.2.1 - Admin Login Page Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/50646/info Infoblox NetMRI is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in...