WatchGuard XTM Firebox Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'WatchGuard XTM Firebox Unauthenticated Remote Command Execution', 'Description' = %q This module exploits a buffer overflow at the...

WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...

Ignition Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unauthenticated remote code execution in Ignition', 'Description' = %q Ignition before 2.5.2, as used in Laravel and other products, allows...

Laravel 8.4.2 debug mode - Remote code execution

Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...

An Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch Now

If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability. Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any informatio...

Drupal CVE-2019-6340 Remote Code Execution EXP

Description This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also...

Drupal RESTful Web Services unserialize() Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal RESTful Web Services unserialize RCE', 'Description' = %q This module exploits a PHP unserialize vulnerability in Drupal RESTful Web...

Drupal RESTful Web Services unserialize() RCE

This module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albeit cached...

TYPO3 News Module - SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: TYPO3 News Module SQL Injection Vendor Homepage: https://typo3.org/extensions/repository/view/news Exploit Author: Charles FOL Contact: https://twitter.com/ambionics Website: https://www.ambionics.io/blog/typo3-news-module-sqli...

TYPO3 News Module SQL Injection

Exploit Title: TYPO3 News Module SQL Injection Vendor Homepage: https://typo3.org/extensions/repository/view/news Exploit Author: Charles FOL Contact: https://twitter.com/ambionics Website: https://www.ambionics.io/blog/typo3-news-module-sqli !/usr/bin/python3 TYPO3 News Module SQL Injection...

Drupal 7.x Services module unserialize() to RCE

Upon auditing Drupal's Services module, the Ambionics team came accross an insecure use of unserialize. The exploitation of the vulnerability allowed for privilege escalation, SQL injection and, finally, remote code execution. Services module Services is a "standardized solution for building API'...