6 matches found
Dell SonicWALL Scrutinizer methodDetail SQL Injection (CVE-2014-4977)
An SQL injection vulnerability exists in Dell SonicWALL Scrutinizer. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request. Successful exploitation of this vulnerability can lead to arbitrary code execution in the context of SYSTEM for windows or as Apache f...
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection (Metasploit)
Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection",...
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection", 'Description' = %q This module exploits a vulnerability found in...
CVE-2014-4977
creationtimestamp| type| source ---|---|--- 2016-05-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39836 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/sonicwallscrutinizermethoddetailsqli.rb 2025-02-06...
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
This module exploits a vulnerability found in Dell SonicWALL Scrutinizer. The methodDetail parameter in exporters.php allows an attacker to write arbitrary files to the file system with an SQL Injection attack, and gain remote code execution under the context of SYSTEM for Windows, or as Apache f...
Dell SonicWALL Scrutinizer Multiple Security Vulnerabilities
Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the 2 userid parameter in the changeUnit function, 3 methodDeta...