Veritas Backup Exec Agent Remote Code Execution

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Agent Remote Code Execution', 'Description' = %q Veritas Backup Exec Agent supports multiple...

Pulse Secure VPN Remote Code Execution Exploit

The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation...

Plesk/myLittleAdmin - ViewState .NET Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule VIEWSTATEGENERATOR = 'CA0B0334'.freeze VIEWSTATEVALIDATIONKEY = "\x5c\x7e\xef\x66\x50\x63\x9d\x2c\xb8\xfa\xa0\xda\x36\xaf\x24\x45\x2d\xcf" ...

Pandora FMS Ping Authenticated Remote Code Execution

This module exploits a vulnerability found in Pandora FMS 7.0NG and lower. nettools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Erlang Port Mapper Daemon Cookie RCE

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie RCE is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit: https://metasploit.com/download Current source...

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command...

Trend Micro Smart Protection Server Exec Remote Code Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'openssl' require 'base64' class MetasploitModule "Trend Micro Smart Protection Server Exec Remote Code Injection", 'Description' = %q This...

SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This module is based...

Apache Struts Remote Command Execution

This module exploits a remote command execution vulnerability in Apache Struts versions 'Apache Struts Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in Apache Struts versions...