RHEL 8 : xmlrpc-c (RHSA-2024:4259)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4259 advisory. XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a...

Moderate: xmlrpc-c security and bug fix update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

GHSA-229X-22XC-2F2W Zendframework Local file disclosure via XXE injection in Zend_XmlRpc

ZendXmlRpc is vulnerable to XML eXternal Entity XXE Injection attacks. The SimpleXMLElement class SimpleXML PHP extension is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an...

Zendframework Local file disclosure via XXE injection in Zend_XmlRpc

ZendXmlRpc is vulnerable to XML eXternal Entity XXE Injection attacks. The SimpleXMLElement class SimpleXML PHP extension is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an...

RHEL 6 : xmlrpc3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - XML-RPC SAX parser information exposure CVE-2011-3600 Note that Nessus has not tested for this issue but has instea...

How to track and stop CVE-2024-3400: Palo Alto Networks API Exploit Causing Critical Infrastructure and Enterprise Epidemics

On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto...

TeamCity Agent XML-RPC Command Execution Exploit

This Metasploit module allows remote code execution on TeamCity Agents configured to use bidirectional communication via xml-rpc. In bidirectional mode the TeamCity server pushes build commands to the Build Agents over port TCP/9090 without requiring authentication. Up until version 10 this was t...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...

ROS-2-1421

2.1421 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

ROS-2-1540

2.1540 Multiple Vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

BIT-WORDPRESS-2020-28035

WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC...

BIT-WORDPRESS-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post...

BIT-WORDPRESS-MULTISITE-2020-28035

WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC...

BIT-WORDPRESS-MULTISITE-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post...

BIT-MOODLE-2021-32474

An SQL injection risk existed on sites with MNet enabled and configured, via an XML-RPC call from the connected peer host. Note that this required site administrator access or access to the keypair. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions...

WordPress Plugin Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Disable Json API, Login...

Apache XML-RPC: Multiple Vulnerabilities

Background Apache XML-RPC previously known as Helma XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Description Multiple vulnerabilities have been discovered in Apache XML-RPC. Please review the CVE identifiers reference...

VulnCheck KEV: CVE-2023-49070

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...