Lucene search
K

108 matches found

Talos Blog
Talos Blog
added 2018/12/14 11:46 a.m.47 views

Beers with Talos EP 43: Espionage, Encryption, and CISO Square One

Beers with Talos BWT Podcast Ep. 43 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. 43 show notes: Recorded Dec. 7, 2018. Several of us are under the weather, but the show must go on. We did our best, as alway...

Exploits0
ThreatPost
ThreatPost
added 2018/12/07 6:57 p.m.12 views

Australia Anti-Encryption Law Triggers Sweeping Backlash

A controversial Australian bill, which could give the government access to data protected by end-to-end encryption, was passed Thursday. The bill, called the Assistance and Access Act, empowers Australian police to essentially force companies that are operating in the country to help the governme...

0.4AI score
Exploits0References8
Check Point Advisories
Check Point Advisories
added 2018/11/28 12:0 a.m.15 views

Micro Focus Secure Messaging Gateway SQL Injection (CVE-2018-12464)

A SQL injection vulnerability exists in Micro Focus Secure Messaging Gateway. The vulnerability is due to insufficient validation of user input. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.4AI score0.80539EPSS
Exploits5
0day.today
0day.today
added 2018/07/31 12:0 a.m.80 views

MicroFocus Secure Messaging Gateway Remote Code Execution Exploit

This Metasploit module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application...

0.1AI score0.80539EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/07/31 12:0 a.m.43 views

MicroFocus Secure Messaging Gateway Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module exploits a SQL injection and command injection...

8.4AI score0.80539EPSS
Exploits5
0day.today
0day.today
added 2018/07/24 12:0 a.m.68 views

Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution Exploit

Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module...

0.80539EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/24 12:0 a.m.57 views

Micro Focus Secure Messaging Gateway (SMG) 471 - Remote Code Execution (Metasploit)

Micro Focus Secure Messaging Gateway SMG 471 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution",...

0.80539EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/07/24 12:0 a.m.45 views

Micro Focus Secure Messaging Gateway (SMG) &lt; 471 - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module exploits a SQL injection and command injection...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2018/07/05 12:0 a.m.12 views

Micro Focus Secure Messaging Gateway Detection

Detection of Micro Focus Secure Messaging Gateway. The script sends a connection request to the server and attempts to detect Micro Focus Secure Messaging Gateway. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

7AI score
Exploits0References1
Metasploit
Metasploit
added 2018/07/04 4:47 p.m.50 views

MicroFocus Secure Messaging Gateway Remote Code Execution

This module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application without input...

10CVSS8.7AI score0.80539EPSS
Exploits5
CNVD
CNVD
added 2018/07/02 12:0 a.m.4 views

Micro Focus Secure Messaging Gateway Web administration and quarantine component SQL injection vulnerability

Micro Focus Secure Messaging Gateway SMG is a suite of outbound and inbound protection software for enterprise networks and messaging systems from Micro Focus, UK. The product includes features such as virus protection, anti-spam, anti-DDos attacks, and image analysis.Web administration is one of...

10CVSS8.5AI score0.80539EPSS
Exploits5References1
CNVD
CNVD
added 2018/07/02 12:0 a.m.2 views

Micro Focus Secure Messaging Gateway Web Administration Component Operating System Command Injection Vulnerability

Micro Focus Secure Messaging Gateway SMG is a suite of outbound and inbound protection software for enterprise networks and messaging systems from the UK-based Micro Focus. The product includes features such as virus protection, anti-spam, anti-DDos attacks, and image analysis.Web administration ...

9.1CVSS8.7AI score0.78955EPSS
Exploits5References1
OSV
OSV
added 2018/06/29 4:29 p.m.3 views

CVE-2018-12465

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

7.2CVSS6.1AI score0.78955EPSS
Exploits5References3
NVD
NVD
added 2018/06/29 4:29 p.m.16 views

CVE-2018-12464

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

10CVSS8.8AI score0.80539EPSS
Exploits5References3
Prion
Prion
added 2018/06/29 4:29 p.m.19 views

Sql injection

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

7.5CVSS7.8AI score0.80539EPSS
Exploits5References3Affected Software1
Prion
Prion
added 2018/06/29 4:29 p.m.7 views

Command injection

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

9CVSS8.5AI score0.80539EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/06/29 4:0 p.m.22 views

CVE-2018-12464 Unauthenticated SQL injection in Micro Focus Secure Messaging Gateway

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

10CVSS9.7AI score0.80539EPSS
Exploits5References3
CVE
CVE
added 2018/06/29 4:0 p.m.56 views

CVE-2018-12464

CVE-2018-12464 is a SQL injection vulnerability in Micro Focus Secure Messaging Gateway (SMG) affecting the Web administration and quarantine components. It occurs in versions prior to 471 and enables an unauthenticated remote attacker to execute arbitrary SQL statements against the SMG database,...

10CVSS8.9AI score0.80539EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/06/29 4:0 p.m.23 views

CVE-2018-12465 Remote Code Execution in Micro Focus Secure Messaging Gateway

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

9.1CVSS9.4AI score0.78955EPSS
Exploits5References3
Schneier on Security
Schneier on Security
added 2018/06/22 5:58 p.m.72 views

The Effects of Iran's Telegram Ban

The Center for Human Rights in Iran has released a report outlining the effect's of that country's ban on Telegram, a secure messaging app used by about half of the country. The ban will disrupt the most important, uncensored platform for information and communication in Iran, one that is used...

6.9AI score
Exploits0
Rows per page
Query Builder