Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2016/11/23 12:0 a.m.17 views

GroundWork monarch_scan.cgi OS Command Injection (CVE-2013-3502)

A vulnerability exists in GroundWork 6.7.0. The vulnerability exists in the monarchscan.cgi where user controlled input is used in a perl function. This allows any remote authenticated attacker, regardless of privileges, to inject system commands and gain arbitrary code execution...

6.5CVSS6AI score0.53706EPSS
Exploits1
CVE
CVE
added 2013/05/08 10:0 a.m.57 views

CVE-2013-3502

GroundWork Monitor Enterprise 6.7.0 is affected by CVE-2013-3502 via monarch_scan.cgi. The root cause is untrusted user input used in a Perl function (qx), enabling remote authenticated attackers to inject commands and achieve arbitrary code execution and potential data exposure. A Metasploit mod...

6.5CVSS7.1AI score0.53706EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2013/05/08 10:0 a.m.28 views

CVE-2013-3502

monarchscan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie...

6.9AI score0.53706EPSS
Exploits1References4
Circl
Circl
added 2013/04/25 12:0 a.m.8 views

CVE-2013-3502

creationtimestamp| type| source ---|---|--- 2013-04-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/25001 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/groundworkmonarchcmdexec.rb 2025-02-06 03:13:41+00:00...

6.5CVSS5.7AI score0.53706EPSS
Exploits1References2
Rows per page
Query Builder