27 matches found
EUVD-2015-1633
Malware in sbrugna...
EUVD-2015-3479
Malware in sbrugna...
EUVD-2016-10791
Malware in sbrugna...
CVE-2016-15046
A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager SSM versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apache ActiveMQ instance running on port 8161. An attacker can exploit this flaw through a Cross-Origi...
CVE-2016-15046
A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager SSM versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apache ActiveMQ instance running on port 8161. An attacker can exploit this flaw through a Cross-Origi...
CVE-2016-15046
CVE-2016-15046 affects Hanwha Techwin Smart Security Manager (SSM) / Hanwha Wisenet SSM, with a client-side RCE caused by improper restrictions on the PUT method of the bundled Apache ActiveMQ on port 8161. The vulnerability enables a Cross-Origin Resource Sharing (CORS) bypass paired with JavaSc...
CVE-2016-15046 Hanwha Techwin SSM 1.32 & 1.4 ActiveMQ File Upload RCE
A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager SSM versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apache ActiveMQ instance running on port 8161. An attacker can exploit this flaw through a Cross-Origi...
SAMSUNG Security Manager 安全漏洞
SAMSUNG Security Manager is a software from Samsung South Korea for managing Samsung security drives. A security vulnerability exists in SAMSUNG Security Manager version 1.32 and 1.4, which stems from an improperly restricted PUT method that could lead to remote code execution...
Remote Code Execution Vulnerability in Samsung Security Manager
Samsung Security Manager SSM is a set of South Korea's Samsung Samsung company's video equipment, the central management platform, which supports site group management, display the list of registered devices, through the mouse drag and drop or double-click operation to achieve the specified video...
Samsung Security Manager Denial of Service Vulnerability
Samsung Security Manager SSM is a set of South Korea's Samsung Samsung company's video equipment, the central management platform, which supports site group management, display the list of registered devices, through the mouse drag and drop or double-click operation to achieve the specified video...
Samsung Security Manager ActiveMQ Broker Service DELETE Method Denial of Service Vulnerability
This vulnerability allows remote attackers to delete files of their choosing from systems running vulnerable installations of Samsung Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ActiveMQ Broker service that is installed as pa...
Samsung Security Manager ActiveMQ Broker Service MOVE Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ActiveMQ Broker service that is installed as part of this product. By...
Samsung Security Manager 1.5 ActiveMQ Broker Service remote code execution vulnerability
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution",...
Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution", 'Description' = %q This is an exploit...
Samsung Security Manager 1.4 ActiveMQ Broker Service PUT Method Remote Code Execution
This is an exploit against Samsung Security Manager that bypasses the patch in ZDI-15-156 & ZDI-16-481 by exploiting the vulnerability against the client-side. This exploit has been tested successfully using IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerab...
The vulnerability of the Samsung Security Manager video surveillance system allows a intruder to execute arbitrary code.
The vulnerability of the Samsung Security Manager video surveillance system allows a malicious actor to execute arbitrary code by uploading a specially crafted file via the HTTP protocol...
CVE-2015-3435
Samsung Security Manager SSM before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP 1 PUT or 2 MOVE request...
Design/Logic Flaw
Samsung Security Manager SSM before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP 1 PUT or 2 MOVE request...
CVE-2015-3435
Samsung Security Manager SSM before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP 1 PUT or 2 MOVE request...
Samsung Security Manager ActiveMQ Broker Service Remote Code Execution Vulnerability
Samsung Security Manager SSM is the central management platform for a set of recording devices. A remote code execution vulnerability in the ActiveMQ Broker service of SSM allows remote attackers to create arbitrary files on the server and execute arbitrary code with SYSTEM user privileges by...