Lucene search
K

19628 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.181 views

JBoss Seam 2 Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JBoss Seam 2 Remote Command Execution', 'Description' = %q JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for R...

8.8CVSS7.4AI score0.83397EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.136 views

Schneider Modicon Remote START/STOP Command

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Remote START/STOP Command', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.264 views

PhoenixContact PLC Remote START/STOP Command

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PhoenixContact PLC Remote START/STOP Command', 'Version' = '1', 'Description' = %q PhoenixContact Programmable Logic Controllers are built upon a...

7.5CVSS7AI score0.81125EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.162 views

EMC AlphaStor Device Manager Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EMC AlphaStor Device Manager Arbitrary Command Execution', 'Description' = %q EMC AlphaStor Device Manager is prone to a remote command-injection...

10CVSS7AI score0.35753EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.254 views

IBM DB2 Db2rcmd.exe Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM DB2 db2rcmd.exe Command Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the Remote Command Server...

7.2CVSS7.1AI score0.02212EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.246 views

Linksys WRT54GL Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linksys WRT54GL Remote Command Execution', 'Description' = %q Some Linksys Routers are vulnerable to OS Command injection. You will need...

7.4AI score
Exploits0
OSV
OSV
added 2024/08/30 9:14 p.m.3 views

MAL-2024-12229 Malicious code in calculator-c08d6d50f5964131 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6343baa8b5e97a91b02979723f28035221550addc225d0e3911916a51ef5ef37 Clearly research/pentesting examples containing reverse shell. --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anythin...

7.4AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/08/30 12:0 a.m.5 views

The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk system, related to deficiencies in deserialization mechanisms, allows a hacker to execute arbitrary commands.

The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk component is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS6.4AI score0.84628EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/29 12:0 a.m.5 views

PT-2024-38945 · Gether Technology · 6Shr System

Name of the Vulnerable Software and Affected Versions: 6SHR system from Gether Technology affected versions not specified Description: The 6SHR system from Gether Technology does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload web shell scrip...

8.8CVSS8AI score0.0055EPSS
Exploits0References11
CNVD
CNVD
added 2024/08/28 12:0 a.m.4 views

D-Link DIR-846W Command Execution Vulnerability

D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. The D-Link DIR-846W suffers from a command execution vulnerability that stems...

9.8CVSS7.4AI score0.02031EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/08/28 12:0 a.m.2 views

VulnCheck KEV: CVE-2019-3914

Remote command injection vulnerability in Verizon Fios Quantum Gateway G1100 firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname...

9CVSS6.1AI score0.29885EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2024/08/28 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-7029

Commands can be injected over the network and executed without authentication...

9.8CVSS7.3AI score0.38998EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2024/08/28 12:0 a.m.5 views

VulnCheck KEV: CVE-2020-10215

An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dnsqueryname parameter in a dnsquery.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected...

9CVSS6.2AI score0.05886EPSS
Exploits1References1
NVD
NVD
added 2024/08/27 8:15 p.m.89 views

CVE-2024-8213

A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Affected is th...

9.8CVSS0.07178EPSS
Exploits1References6
NVD
NVD
added 2024/08/27 7:15 p.m.46 views

CVE-2024-8210

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This...

9.8CVSS0.07482EPSS
Exploits1References6
NVD
NVD
added 2024/08/27 4:15 p.m.17 views

CVE-2024-44342

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...

9.8CVSS0.01971EPSS
Exploits0References3
OSV
OSV
added 2024/08/27 4:15 p.m.6 views

CVE-2024-41622

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the tomographypingaddress parameter in /HNAP1/ interface...

9.8CVSS6AI score0.02031EPSS
Exploits0References3
OSV
OSV
added 2024/08/27 4:15 p.m.5 views

CVE-2024-44341

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the lan0dhcpsstaticlist parameter. This vulnerability is exploited via a crafted POST request...

9.8CVSS6AI score0.01832EPSS
Exploits0References3
OSV
OSV
added 2024/08/27 4:15 p.m.3 views

CVE-2024-44342

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via the wl0.0ssid parameter. This vulnerability is exploited via a crafted POST request...

9.8CVSS6AI score0.01971EPSS
Exploits0References3
NVD
NVD
added 2024/08/27 4:15 p.m.14 views

CVE-2024-44340

D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution RCE vulnerability via keys smartqosexpressdevices and smartqosnormaldevices in SetSmartQoSSettings...

8.8CVSS0.01794EPSS
Exploits0References3
Rows per page
Query Builder