5 matches found
SolarWinds Firewall Security Manager 6.6.5 - Client Session Handling (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Solarwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability", 'Description' = %q This module exploits multiple...
CVE-2015-2284
creationtimestamp| type| source ---|---|--- 2015-04-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36679 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/solarwindsfsmuserlogin.rb 2025-02-06 03:13:42+00:00...
SolarWinds Firewall Security Manager userlogin.jsp Policy Bypass (CVE-2015-2284)
A policy bypass vulnerability exists in SolarWinds Firewall Security Manager. The vulnerability is due to a design weakness in the userlogin.jsp page which sets the "username" session value to a user supplied value prior to authentication. A remote unauthenticated attacker could exploit this...
CVE-2015-2284
CVE-2015-2284 affects SolarWinds Firewall Security Manager (FSM) prior to version 6.6.5 HotFix1, with a vulnerability in userlogin.jsp that enables an unauthenticated remote attacker to gain privileges and execute arbitrary code via a client session handling flaw. The linked sources indicate mult...
CVE-2015-2284
userlogin.jsp in SolarWinds Firewall Security Manager FSM before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling...