Lucene search
K

4 matches found

CVE
CVE
added 2020/02/13 8:11 p.m.78 views

CVE-2015-6589

CVE-2015-6589 is a directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) affecting versions 7.0.0.0–7.0.0.32, 8.0.0.0–8.0.0.22, 9.0.0.0–9.0.0.18, and 9.1.0.0–9.1.0.8/9.1.0.9 (pre-patch). The issue arises from insufficient restrictions on file paths to json.ashx, allowing ...

8.8CVSS9AI score0.13577EPSS
Exploits7References4Affected Software1
Packet Storm
Packet Storm
added 2015/09/30 12:0 a.m.48 views

Kaseya Virtual System Administrator Code Execution / Privilege Escalation

Hi, I have found 3 vulnerabilities in Kaseya's flagship product: - unauthenticated remote code execution CVE-2015-6922 / ZDI-15-449 - unauthenticated remote privilege escalation CVE-2015-6922 / ZDI-15-448 - authenticated remote code execution CVE-2015-6589 / ZDI-15-450 Kaseya VSA is an IT...

0.9AI score0.82102EPSS
Exploits14
Exploit DB
Exploit DB
added 2015/09/29 12:0 a.m.46 views

Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)

Kaseya VSA is an IT management platform for small and medium corporates. From its console you can control thousands of computers and mobile devices. So that if you own the Kaseya server, you own the organisation. With this post I'm also releasing two Metasploit modules E1, E2 and a Ruby file E3...

9.8CVSS9.3AI score0.82102EPSS
Exploits14
exploitpack
exploitpack
added 2015/09/28 12:0 a.m.39 views

Kaseya Virtual System Administrator (VSA) 7.0 9.1 - (Authenticated) Arbitrary File Upload

Kaseya Virtual System Administrator VSA 7.0 9.1 - Authenticated Arbitrary File Upload !/usr/bin/ruby kazPwn.rb - Kaseya VSA v7 to v9.1 authenticated arbitrary file upload CVE-2015-6589 / ZDI-15-450 =================== by Pedro Ribeiro / Agile Information Security Disclosure date: 28/09/2015 Usage...

7.5CVSS0.6AI score0.82102EPSS
Exploits14
Rows per page
Query Builder