HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = ...

HP Smart Storage Administrator 2.30.6.0 Remote Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = %q This module exploits a vulnerability found in HP Smart...

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command...

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command Injection", 'Description' = %q This module exploits a vulnerability found in HP Smart...

Sophos Web Appliance 4.2.1.3 Remote Command Injection

Critical Start security expert Russell Sanford discovered and reported two critical zero-day vulnerabilities in the Sophos Web Appliance in December of 2016. The vulnerabilities, documented under CVE-2016-9553, allow the remote compromise of the appliance's underlining Linux subsystem. The...

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

Command injection

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

Command injection

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

CVE-2016-9553

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

CVE-2016-9554

The Sophos Web Appliance Remote / Secure Web Gateway server version 4.2.1.3 is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php /controllers/MgrDiagnosticTools.php, in the component responsible for...

CVE-2016-9554

CVE-2016-9554 affects Sophos Web Appliance (Secure Web Gateway) before version 4.3.1. The vulnerability exists in the web admin interface via MgrDiagnosticTools.php, where diagnostic tests invoke wget and pass user-controlled input in the url parameter to executeCommand, which calls exec() withou...

CVE-2016-9553

CVE-2016-9553 — Sophos Web Appliance 4.2.1.3 is vulnerable to two remote command injection flaws in the web admin interface (MgrReport.php) where user-supplied values for unblockip and blockip are passed to shell_exec without proper escaping. An authenticated, remote attacker could exploit these ...

CVE-2016-9553

The Sophos Web Appliance version 4.2.1.3 is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php /controllers/MgrReport.php component responsible for blocking and unblocking IP addresses from...

Western Digital MyCloud NAS Remote Command Injection Vulnerability

Western Digital MyCloud NAS is a personal cloud storage device. Western Digital MyCloud NAS version 2.11.142 suffers from a remote command injection vulnerability in /web/googleanalytics.php, which allows an attacker to execute arbitrary commands with root privileges via the arg parameter within...

Western Digital MyCloud NAS Remote Command Injection Vulnerability (CNVD-2017-00115)

Western Digital MyCloud NAS is a personal cloud storage device. Western Digital MyCloud NAS version 2.11.142 has a remote command injection vulnerability in index.php, which allows an attacker to execute arbitrary commands with root privileges via a cookie header...

Western Digital My Cloud Products Multiple Remote Command Injection Vulnerabilities (Dec 2016) - Active Check

Western Digital My Cloud Products are prone to multiple remote command injection vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2016-10107

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header...

CVE-2016-10108

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/googleanalytics.php URL via a modified arg parameter in the POST data...

Debian Remote Command Injection Vulnerability

Debian is a free operating system created by the Debian Project Collaboration with Linux or FreeBSD as its kernel. A remote command injection vulnerability exists in Debian. Allows an attacker to execute arbitrary commands with user privileges in the context of an affected application...