Lucene search
K

53 matches found

Packet Storm
Packet Storm
added 2019/04/29 12:0 a.m.67 views

AIS Logistics ESEL-Server SQL Injection / Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AIS logistics ESEL-Server Unauth SQL Injection RCE', 'Description' = %q This module will execute an arbitrary payload on an "ESEL" server used by...

0.4AI score0.6585EPSS
Exploits5
Metasploit
Metasploit
added 2019/03/27 9:23 a.m.45 views

AIS logistics ESEL-Server Unauth SQL Injection RCE

This module will execute an arbitrary payload on an "ESEL" server used by the AIS logistic software. The server typically listens on port 5099 without TLS. There could also be server listening on 5100 with TLS but the port 5099 is usually always open. The login process is vulnerable to an SQL...

9.8CVSS9.9AI score0.6585EPSS
Exploits5
0day.today
0day.today
added 2019/03/07 12:0 a.m.536 views

Android su Privilege Escalation Exploit

This Metasploit module uses the su binary present on rooted devices to run a payload as root. A rooted Android device will contain a su binary often linked with an application that allows the user to run commands as root. This module will use the su binary to execute a command stager as root. The...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2019/03/07 12:0 a.m.292 views

Android su Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Android 'su' Privilege Escalation", 'Description' = %q This module uses the su binary present on rooted devices to run a payload as root. A roote...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/02 12:0 a.m.75 views

Hashicorp Consul - Remote Command Execution via Services API (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Hashicorp Consul Remote Command Execution via Services API", 'Description' = %q This module exploits Hashicorp Consul's services API to gain remo...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/29 12:0 a.m.50 views

Hashicorp Consul Rexec Remote Command Execution Exploit

This Metasploit module exploits a feature of Hashicorp Consul named rexec. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Hashicorp Consul Remote Command Execution via Rexec", 'Description' = ...

Exploits0
Packet Storm
Packet Storm
added 2018/11/27 12:0 a.m.116 views

Netgear Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear Devices Unauthenticated Remote Command Execution', 'Description' = %q From the CVE-2016-1555 page: 1 boardData102.php, 2 boardData103.php...

10CVSS0.4AI score0.98325EPSS
Exploits5
Metasploit
Metasploit
added 2018/10/23 8:51 p.m.34 views

WebExec Authenticated User Code Execution

This module uses a valid username and password of any level or password hash to execute an arbitrary payload. This module is similar to the "psexec" module, except allows any non-guest account by default. This module requires Metasploit: https://metasploit.com/download Current source:...

7.8CVSS7.6AI score0.1602EPSS
Exploits14
Packet Storm
Packet Storm
added 2018/07/12 12:0 a.m.53 views

Apache CouchDB Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache CouchDB Arbitrary Command Execution', 'Description' = %q CouchDB administrative users can configure the database server via HTTPS. Some of...

10CVSS0.1AI score0.99838EPSS
Exploits21
Packet Storm
Packet Storm
added 2018/05/24 12:0 a.m.53 views

D-Link DSL-2750B OS Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DSL-2750B OS Command Injection', 'Description' = %q This module exploits a remote command injection vulnerability in D-Link DSL-2750B...

Exploits0
Metasploit
Metasploit
added 2018/05/15 7:47 a.m.48 views

Hadoop YARN ResourceManager Unauthenticated Command Execution

This module uses Hadoop's standard ResourceManager REST API to execute arbitrary commands on an unsecured Hadoop server. Hadoop administrators should enable Kerberos authentication for these endpoints by changing the 'hadoop.security.authentication' setting in 'core-site.xml' from 'simple' the...

1.2AI score
Exploits0
Metasploit
Metasploit
added 2018/05/06 6:16 a.m.22 views

Android 'su' Privilege Escalation

This module uses the su binary present on rooted devices to run a payload as root. A rooted Android device will contain a su binary often linked with an application that allows the user to run commands as root. This module will use the su binary to execute a command stager as root. The command...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/12/19 12:0 a.m.55 views

Jenkins - XStream Groovy classpath Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins XStream Groovy classpath Deserialization Vulnerability', 'Description' = %q This module exploits CVE-2016-0792 a vulnerability in Jenkins...

9CVSS6.9AI score0.82697EPSS
Exploits23
0day.today
0day.today
added 2017/08/29 12:0 a.m.35 views

QNAP Transcode Server Command Execution Exploit

This Metasploit module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command injection using the 'rmfile' command. This Metasploit module was tested successfully on a QNAP TS-431...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/03/12 12:0 a.m.229 views

Netgear R7000 / R6400 cgi-bin Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Netgear R7000 and R6400 cgi-bin Command Injection", 'Description' = %q This module exploits an arbitrary command injection...

9.3CVSS0.2AI score0.99781EPSS
Exploits9
exploitpack
exploitpack
added 2016/06/15 12:0 a.m.66 views

Bomgar Remote Support - Code Execution (Metasploit)

Bomgar Remote Support - Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This...

7.5CVSS7.1AI score0.05869EPSS
Exploits4
Packet Storm
Packet Storm
added 2015/07/17 12:0 a.m.38 views

D-Link Cookie Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Cookie Command Execution', 'Description' = %q This module exploits an anonymous remote upload and code execution vulnerabilit...

Exploits0
0day.today
0day.today
added 2015/06/02 12:0 a.m.50 views

Airties login-cgi Buffer Overflow Exploit

Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Airties login-cgi Buffer Overflow', 'Description' = %q This module exploit...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2014/10/17 4:47 p.m.82 views

SSH User Code Execution

This module connects to the target system and executes the necessary commands to run the specified payload via SSH. If a native payload is specified, an appropriate stager will be used. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS7.1AI score0.53618EPSS
Exploits41
Metasploit
Metasploit
added 2014/08/06 3:21 a.m.27 views

Gitlab-shell Code Execution

This module takes advantage of the addition of authorized ssh keys in the gitlab-shell functionality of Gitlab. Versions of gitlab-shell prior to 1.7.4 used the ssh key provided directly in a system call resulting in a command injection vulnerability. As this relies on adding an ssh key to an...

6.5CVSS7.5AI score0.42139EPSS
Exploits5
Rows per page
Query Builder