1208 matches found

Metasploit
added 2017/12/22 6:44 p.m., 14 views

Cambium ePMP 1000 'ping' Command Injection (up to v2.5)

This module exploits an OS Command Injection vulnerability in Cambium ePMP 1000. Authors: Karn Ganeshen. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'ping' Command Injection ...

7.4 AI score
Exploits 0

BDU FSTEC
added 2017/12/07 12:0 a.m., 2 views

A vulnerability in the ms.cgi (/swms/ms.cgi) script of the MRF Web Panel web application allows an attacker to execute arbitrary operating system commands.

The vulnerability in the ms.cgi (/swms/ms.cgi) script of the MRF Web Panel application exists due to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on behalf of the...

10 CVSS, 8.2 AI score, 0.37587 EPSS
Exploits 5, References 4, Affected Software 1

Zero Day Initiative
added 2017/12/06 12:0 a.m., 26 views

Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wbx URI handler. When parsing the register parameter, the...

6.8 CVSS, 4.2 AI score, 0.02154 EPSS
Exploits 0, References 1

OSV
added 2017/09/26 2:29 a.m., 1 views

CVE-2017-14001

An Improper Neutralization of Special Elements used in an OS Command issue was discovered in Digium Asterisk GUI 2.1.0 and prior. An OS command injection vulnerability has been identified that may allow the execution of arbitrary code on the system through the inclusion of OS commands in the URL...

8.8 CVSS, 6 AI score, 0.01545 EPSS
Exploits 0, References 2

CNVD
added 2017/09/22 12:0 a.m., 2 views

Digium Asterisk GUI OS Command Injection Vulnerability

The Asterisk GUI is a framework for configuring graphical user interfaces. An OS command injection vulnerability exists in Digium Asterisk GUI, which could allow an attacker to execute arbitrary code on a system by injecting OS commands into the program's URL requests...

9 CVSS, 9.2 AI score, 0.01545 EPSS
Exploits 0, References 1

Packet Storm
added 2017/09/15 12:0 a.m., 64 views

Alienvault OSSIM av-centerd Util.pm sync_rserver Command Execution

require 'msf/core' class MetasploitModule 'Alienvault OSSIM av-centerd Util.pm sync_rserver Command Execution', 'Description' = %q This module exploits a command injection vulnerability found within the sync_rserver function in Util.pm. The vulnerability is triggered due to an incomplete blacklist...

10 CVSS, 1.4 AI score, 0.79335 EPSS
Exploits 9

Packet Storm
added 2017/08/30 12:0 a.m., 68 views

Malicious GIT HTTP Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Malicious Git HTTP Server For CVE-2017-1000117', 'Description' = %q This module exploits CVE-2017-1000117, which affects Git version 2.7.5 and...

8.5 AI score, 0.70245 EPSS
Exploits 9

Japan Vulnerability Notes
added 2017/08/08 9:6 a.m., 2 views

WCR-1166DS vulnerable to OS command injection

Overview: WCR-1166DS provided by BUFFALO INC. is a wireless LAN router. WCR-1166DS contains an OS command injection vulnerability (CWE-78). Masashi Shiraishi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

7.7 CVSS, 7.5 AI score, 0.00241 EPSS
Exploits 0, References 5

Veracode
added 2017/07/20 5:29 p.m., 13 views

Remote Code Execution (RCE)

OrientDB Core is vulnerable to remote code execution (RCE) attacks. Permissions are not enforced on a user executing a statement to the ORole structure containing a where, fetchplan or order by statement. By executing a groovy function where the groovy wrapper doesn't have a sandbox, any system...

10 CVSS, 9.7 AI score, 0.76315 EPSS
Exploits 4, References 3, Affected Software 1

Japan Vulnerability Notes
added 2017/06/28 1:28 a.m., 2 views

OS command injection vulnerability in Toshiba Lighting & Technology Corporation Home gateway

Overview: Home gateway provided by Toshiba Lighting & Technology Corporation contains OS command injection. Yutaka Kokubu of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...

10 CVSS, 7.2 AI score, 0.00424 EPSS
Exploits 0, References 5

exploitpack
added 2017/05/09 12:0 a.m., 28 views

Crypttech CryptoLog - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Crypttech CryptoLog Remote Code Execution", 'Description' = %q This module exploits the sql...

Exploits 0

Exploit DB
added 2017/05/09 12:0 a.m., 41 views

Crypttech CryptoLog - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Crypttech CryptoLog Remote Code Execution", 'Description' = %q This module exploits the sql injection and command injection vulnerability of...

7.4 AI score
Exploits 0

Tenable Nessus
added 2017/03/31 12:0 a.m., 14 views

Operating System Command Injection

OS command injection occurs when user-supplied input is used to form a command to be executed by the operating system. The scanner was able to inject specific operating system commands and have the output from that command contained within the server response. This indicates that input is not being...

7.9 AI score
Exploits 0, References 2

NVD
added 2017/03/29 8:59 p.m., 12 views

CVE-2014-3582

In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster...

9.8 CVSS, 9.8 AI score, 0.00335 EPSS
Exploits 0, References 1

myhack58
added 2017/03/15 12:0 a.m., 22 views

Improper use of a regular expression triggers a system command execution vulnerability

Sometimes, whitelist-filtering a string with a regular expression does not work well. This example demonstrates how whitelist-filtering a string with a regular expression may lead to an OSCI (Operating System Command Injection) vulnerability. 0x01 Main text: The test code is as follows:...

0.4 AI score
Exploits 0

seebug.org
added 2017/03/08 12:0 a.m., 14 views

NETGEAR DGN2200 Remote Command Execution

0x00 Summary: The ping.cgi script of the NETGEAR DGN2200 router does not validate its input parameters, so a specially constructed request can execute system commands. 0x01 Details: Packet capture shows that appending ;cmd after the IP address in the pingIPAddr parameter makes it possible to perform a...

7 AI score
Exploits 0

seebug.org
added 2017/03/06 12:0 a.m., 394 views

S2-045: Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)

A remote code execution vulnerability in Struts based on the Jakarta plugin: when uploading a file, a malicious user can modify the Content-Type value of the HTTP request header to trigger the vulnerability and then execute system commands. Sound detection method: the detection method by the constant...

10 CVSS, 10 AI score, 0.94267 EPSS
Exploits 44

CERT
added 2017/03/06 12:0 a.m., 29 views

dotCMS contains multiple vulnerabilities

Overview: The dotCMS administration panel is vulnerable to cross-site request forgery, and the "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal and arbitrary file upload. dotCMS versions 3.7.1 and earlier are affected. Description: CWE-352: Cross-Site Request Forgery CSRF...

9.3 CVSS, 8.4 AI score, 0.06805 EPSS
Exploits 0, References 4

Packet Storm
added 2017/02/25 12:0 a.m., 110 views

AlienVault OSSIM/USM Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q This module exploits object injection, authentication bypass an...

0.7 AI score
Exploits 0

CNVD
added 2017/02/14 12:0 a.m., 1 views

Sophos Web Appliance Command Injection Vulnerability

Sophos Web Appliance is a web security gateway solution. An input validation vulnerability in the MgrReport.php file in the web management interface of the Sophos Web Appliance could be exploited by an attacker to submit a special request to inject a system command and execute it...

9 CVSS, 7.1 AI score, 0.06751 EPSS
Exploits 6, References 1