Lucene search
+L

12 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-19454

Malware in sbrugna...

9.8CVSS9.5AI score0.53872EPSS
Exploits3References5
nvd
nvd
added 2018/03/07 2:29 a.m.21 views

CVE-2018-7739

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...

9.8CVSS9.7AI score0.53872EPSS
Exploits3References3
prion
prion
added 2018/03/07 2:29 a.m.12 views

Input validation

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...

7.5CVSS9.6AI score0.53872EPSS
Exploits3References3Affected Software1
exploitpack
exploitpack
added 2018/03/07 12:0 a.m.16 views

antMan 0.9.0c - Authentication Bypass

antMan 0.9.0c - Authentication Bypass Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POS...

0.4AI score
Exploits0
zdt
zdt
added 2018/03/07 12:0 a.m.47 views

antMan 0.9.0c - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt an...

9.2AI score0.53872EPSS
Exploits3
packetstorm
packetstorm
added 2018/03/07 12:0 a.m.48 views

antMan 0.9.0c Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

0.4AI score0.53872EPSS
Exploits3
cnvd
cnvd
added 2018/03/07 12:0 a.m.5 views

Antsle antman authentication bypass vulnerability

Antsle antman is a private cloud server product from Antsle USA. A security vulnerability exists in Antsle antman prior to version 0.9.1a, which stems from the login process using Java's ProcessBuilder class and a bash script that fails to adequately filter input when calling antsle-auth. A remot...

9.8CVSS7.3AI score0.53872EPSS
Exploits3References1
exploitdb
exploitdb
added 2018/03/07 12:0 a.m.43 views

antMan 0.9.0c - Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

7.4AI score
Exploits0
cve
cve
added 2018/03/06 10:0 p.m.47 views

CVE-2018-7739

CVE-2018-7739 affects Antsle’s antMan web management console (pre-0.9.1a). A remote attacker can bypass authentication by sending invalid characters in the username and password to the /login URI. The login flow uses Java’s ProcessBuilder to invoke a root-privileged bash script (antsle-auth) with...

9.8CVSS9.6AI score0.53872EPSS
Exploits3References3Affected Software1
cvelist
cvelist
added 2018/03/06 10:0 p.m.21 views

CVE-2018-7739

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the...

9.8AI score0.53872EPSS
Exploits3References3
exploitpack
exploitpack
added 2018/03/02 12:0 a.m.20 views

antMan 0.9.1a - Authentication Bypass

antMan 0.9.1a - Authentication Bypass Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POS...

0.5AI score
Exploits0
exploitdb
exploitdb
added 2018/03/02 12:0 a.m.27 views

antMan < 0.9.1a - Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

7.4AI score
Exploits0
Rows per page
Query Builder