Nanopool Claymore Dual Miner APIs Remote Code Execution Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Nanopool Claymore Dual Miner APIs RCE',...

Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Nanopool Claymore Dual Miner APIs RCE', 'Description' = %q This module takes advantage of miner remote...

Nanopool Claymore Dual Miner APIs RCE

This module takes advantage of miner remote manager APIs to exploit an RCE vulnerability. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nanopool Claymore Dual Miner APIs RCE', 'Description' =...

Claymore Dual Miner Remote Code Execution(CVE-2018-1000049)

Hello everybody, today I will show you how I found a Remote Code Execution vulnerability on popular Claymore Dual Miner developed by nanopool which you can download from GitHub here. Before continuing to read I want to clarify that I already emailed nanopool without receiving any kind or response...

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution Exploit Title: Nanopool Claymore Dual Miner = 7.3 Remote Code Execution Date: 2018/02/09 Exploit Author: ReverseBrain Vendor Homepage: https://nanopool.org/ Software Link: https://github.com/nanopool/Claymore-Dual-Miner Version: 7.3 and lat...

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution Vulnerability

Exploit for windows platform in category remote exploits Exploit Title: Nanopool Claymore Dual Miner = 7.3 Remote Code Execution Exploit Author: ReverseBrain Vendor Homepage: https://nanopool.org/ Software Link: https://github.com/nanopool/Claymore-Dual-Miner Version: 7.3 and later Tested on:...

VulnCheck KEV: CVE-2018-1000049

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

Nanopool Claymore Dual Miner 7.3 Remote Code Execution

Exploit Title: Nanopool Claymore Dual Miner = 7.3 Remote Code Execution Date: 2018/02/09 Exploit Author: ReverseBrain Vendor Homepage: https://nanopool.org/ Software Link: https://github.com/nanopool/Claymore-Dual-Miner Version: 7.3 and later Tested on: Windows, Linux CVE : 2018-1000049 Suppose t...

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Exploit Title: Nanopool Claymore Dual Miner = 7.3 Remote Code Execution Date: 2018/02/09 Exploit Author: ReverseBrain Vendor Homepage: https://nanopool.org/ Software Link: https://github.com/nanopool/Claymore-Dual-Miner Version: 7.3 and later Tested on: Windows, Linux CVE : 2018-1000049 Suppose t...

nanopool Claymore Dual Miner Remote Code Execution Vulnerability

nanopool Claymore Dual Miner is a software for bitcoin mining. A remote code execution vulnerability exists in the API in nanopool Claymore Dual Miner 7.3 and earlier versions. A remote attacker can exploit this vulnerability to execute code...

CVE-2018-1000049

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

CVE-2018-1000049

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

Remote code execution

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

CVE-2018-1000049

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

CVE-2018-1000049

CVE-2018-1000049 affects Nanopool Claymore Dual Miner 7.3 and earlier, via the miner’s remote management API (EthMan) that runs on a configurable port (notably 5555). The vulnerability allows remote code execution when read/write access is enabled, exposing endpoints such as miner_restart, miner_...

Claymore Dual GPU Miner Format String dos attack

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. !/usr/bin/env python3 -- coding: utf-8 - import socket import json...

Claymore Dual Miner Denial of Service Vulnerability

Claymore Dual Miner is a GPU monitoring software for mining virtual currency computing. A security vulnerability exists in the remote management interface in Claymore Dual Miner 10.5 and earlier versions. A remote attacker could exploit this vulnerability to read memory or cause a denial of servi...

Claymore Dual GPU Miner 10.5 - Format String

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the recent vulnerabilities with previous version...

Claymore Dual GPU Miner 10.5 - Format String

Claymore Dual GPU Miner 10.5 - Format String Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the...

Claymore Dual GPU Miner 10.5 Format String

Claymore Dual Gpu Miner = 10.5 Format Strings Vulnerability ======================================================================= product: Claymore's Dual Miner vulnerable version: = 10.5 fixed version: 10.6 CVE number: - CVE-2018a6317 impact: critical homepage:...