19628 matches found
JBoss Seam 2 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Seam 2 Remote Command Execution', 'Description' = %q JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for R...
Schneider Modicon Remote START/STOP Command
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Remote START/STOP Command', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a...
PhoenixContact PLC Remote START/STOP Command
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PhoenixContact PLC Remote START/STOP Command', 'Version' = '1', 'Description' = %q PhoenixContact Programmable Logic Controllers are built upon a...
EMC AlphaStor Device Manager Arbitrary Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EMC AlphaStor Device Manager Arbitrary Command Execution', 'Description' = %q EMC AlphaStor Device Manager is prone to a remote command-injection...
IBM DB2 Db2rcmd.exe Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM DB2 db2rcmd.exe Command Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the Remote Command Server...
Linksys WRT54GL Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linksys WRT54GL Remote Command Execution', 'Description' = %q Some Linksys Routers are vulnerable to OS Command injection. You will need...
MAL-2024-12229 Malicious code in calculator-c08d6d50f5964131 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6343baa8b5e97a91b02979723f28035221550addc225d0e3911916a51ef5ef37 Clearly research/pentesting examples containing reverse shell. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anythin...
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk system, related to deficiencies in deserialization mechanisms, allows a hacker to execute arbitrary commands.
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk component is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
PT-2024-38945 · Gether Technology · 6Shr System
Name of the Vulnerable Software and Affected Versions: 6SHR system from Gether Technology affected versions not specified Description: The 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scrip...
D-Link DIR-846W Command Execution Vulnerability
D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. The D-Link DIR-846W suffers from a command execution vulnerability that stems...
VulnCheck KEV: CVE-2019-3914
Remote command injection vulnerability in Verizon Fios Quantum Gateway G1100 firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname...
VulnCheck KEV: CVE-2024-7029
Commands can be injected over the network and executed without authentication...
VulnCheck KEV: CVE-2020-10215
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dnsqueryname parameter in a dnsquery.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected...
CVE-2024-8213
A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is th...
CVE-2024-8210
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This...
CVE-2024-44342
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-41622
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in /HNAP1/ interface...
CVE-2024-44341
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-44342
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...
CVE-2024-44340
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via keys smartqosexpressdevices and smartqosnormaldevices in SetSmartQoSSettings...