226 matches found
VulnCheck KEV: CVE-2019-5127
A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...
CVE-2023-41109
SmartNode SN200 aka SN200 3.21.2-23021 allows unauthenticated OS Command Injection...
PT-2023-8337 · Unknown · Smartnode Sn200
Name of the Vulnerable Software and Affected Versions: SmartNode SN200 aka SN200 version 3.21.2-23021 Description: The issue is related to the Network Diagnostic Commands function of the SmartNode SN200 analog telephone adapter's firmware, which fails to neutralize special elements used in an...
Chamilo 1.11.18 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chamilo unauthenticated command injection in PowerPoint upload', 'Description' = %q Chamilo is an e-learning platform, also called Learning...
Metasploit Weekly Wrap-Up
Meterpreter Testing This week’s release adds new payload tests to our automated test suite. This is intended to help the team and community members identify issues and behavior discrepancies before changes are made. Payloads run on a variety of different platforms including Windows, Linux, and OS...
TP-Link Archer AX21 - Unauthenticated Command Injection
!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...
Metasploit Weekly Wrap-Up
Fly High in the Sky With This New Cloud Exploit! This week, a new module was added that takes advantage of both authentication bypass and command injection in certain versions of Western Digital's MyCloud hardware. Submitted by community member Erik Wynter, this module gains access to the target,...
PT-2023-04: Unauth Command Injection in Zyxel products
An issue was identified in Zyxel products affecting: ATP ZLD V5.10V5.35; USG FLEX ZLD V5.00V5.35; USG FLEX 50W/ USG20W-VPN ZLD V5.10V5.35; VPN ZLD V5.00V5.35. The discovered vulnerability can be exploited by an unauthenticated attacker to modify device configuration data, causing a denial of...
CVE-2023-27394
Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts...
PT-2023-7429 · Unknown · Osprey Pump Controller
Name of the Vulnerable Software and Affected Versions: Osprey Pump Controller version 1.01 Description: The issue is related to an unauthenticated OS command injection vulnerability. This vulnerability can be exploited to inject and execute arbitrary shell commands through a HTTP POST parameter...
Cacti 1.2.22 unauthenticated command injection
This module exploits an unauthenticated command injection vulnerability in Cacti through 1.2.22 CVE-2022-46169 in order to achieve unauthenticated remote code execution as the www-data user. The module first attempts to obtain the Cacti version to see if the target is affected. If LOCALDATAID...
Apache Spark Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Apache Spark Unauthenticated Command Injection RCE', 'Description' = %q This module exploits an unauthenticated command...
CVE-2022-21941
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system...
CVE-2022-21941
All versions of iSTAR Ultra prior to version 6.8.9.CU01 are vulnerable to a command injection that could allow an unauthenticated user root access to the system...
Roxy-WI Prior to 6.1.1.0 Unauthenticated Command Injection RCE
This module exploits an unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0. Successful exploitation results in remote code execution under the context of the web server user. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. Module Option...
FLIR AX8 1.46.16 Remote Command Execution Exploit
-- coding: utf-8 -- Exploit Title: FLIR AX8 Unauthenticated OS Command Injection Exploit Author: Samy Younsi Naqwada https://samy.link Vendor Homepage: https://www.flir.com/ Software Link: https://www.flir.com/products/ax8-automation/ PoC: https://www.youtube.com/watch?v=dh0rfAIWok Version: 1.46....
A Door Isn’t a Door When It’s Ajar - Part 2
A Door Isn’t a Door When It’s Ajar - Part II By Trellix · August 18, 2022 This story was also written by Steve Povolny and Sam Quinn Contents Introduction Software Hacking Software Hacking Shopping List Vulnerabilities Discovered CVE-2022-31479: Command injection via the web interface Vulnerable...
Zyxel Firewall ZTP Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...
CVE-2021-45876
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware...
CVE-2021-45876
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware...