ZeroShell 3.9.0 - (cgi-bin/kerbynet) Remote Root Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zeroshell 3.9.0 Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection vulnerability found in...

ZeroShell <= 1.0beta11 RCE Vulnerability - Active Check

ZeroShell is prone to a remote code execution RCE vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ZeroShell < 3.9.3 RCE Vulnerability - Active Check

ZeroShell is prone to a remote code execution RCE vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

ZeroShell Default Credentials (SSH)

The remote ZeroShell system is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Zeroshell Remote Code Execution (CVE-2019-12725)

A remote code execution vulnerability exists in Zeroshell. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Zeroshell Remote Command Execution Vulnerability

Zeroshell is a suite of Linux distributions for servers and embedded systems. A security vulnerability exists in Zeroshell version 3.9.0, which stems from the program's failure to properly handle HTTP parameters. The vulnerability can be exploited to execute commands by injecting operating system...

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters...

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters...

Command injection

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters...

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters...

CVE-2019-12725

Zeroshell 3.9.0 is affected by a remote command execution vulnerability in the web application, caused by mishandling of HTTP parameters, allowing unauthenticated attackers to inject and execute arbitrary OS commands. The issue primarily affects the web interface (e.g., the vulnerable parameter h...

CVE-2019-12725

Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters. Recent assessments:...

VulnCheck KEV: CVE-2009-0545

cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type parameter in a NoAuthREQ x509List action...

Zeroshell Remote Code Execution Vulnerability

Zeroshell is a Linux distribution for servers and embedded devices that aims to provide the main network services needed for a LAN. A remote code execution vulnerability exists in Zeroshell, which, by failing to properly filter user-submitted input, allows remote attackers to exploit the...

Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution Vulnerability

Exploit for linux platform in category web applications Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0...

Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution

Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0 Introduction Zeroshell is a small Linux distribution for...

Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution

Zeroshell 3.6.03.7.0 Net Services - Remote Code Execution Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0...

Zeroshell 3.6.0 / 3.7.0 Remote Code Execution

Exploit Title: Zeroshell - Net Services Unauthenticated Remote Code Execution | RCE Date: 13.01.2017 Exploit Author: Ozer Goker Vendor Homepage: http://www.zeroshell.org Software Link: www.zeroshell.org/download/ Version: 3.6.0 & 3.7.0 Introduction Zeroshell is a small Linux distribution for...

ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability

No description provided by source. Introduction to the PoC : ====================================================================== In this distribution, the managment website is a binary file named kerbynet interpreted in cgi-bin directory here : /cdrom/usr/local/apache2/cgi-bin/kerbynet So all...

ZeroShell <= 1.0beta11 Remote Code Execution Vulnerability

No description provided by source. ==================================================== ZeroShell = 1.0beta11 Remote Code Execution Original Advisory: http://www.ikkisoft.com/stuff/LC-2009-01.txt luca.carettoniatikkisoftdotcom ==================================================== ZeroShell...