14 matches found
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...
Unitrends UEB HTTP API Remote Code Execution Exploit
It was discovered that the api/storage web interface in Unitrends Backup UB before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system. UE...
Unitrends UEB HTTP API Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...
Unitrends UEB 9 HTTP API/Storage Remote Root(CVE-2017-12478)
No description provided by source. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB 9 http api/storage remote root', 'Description' = %q It was discovered that the api/storage web...
Unitrends UEB 9 - http api/storage Remote Root (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB 9 http api/storage remote root', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...
Unitrends < 10.0.0 Multiple Vulnerabilities
Unitrends UEB is prone to multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Unitrends UEB 9 HTTP API/Storage Remote Root Exploit
It was discovered that the api/storage web interface in Unitrends Backup UB before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system. Th...
Unitrends UEB 9 HTTP API/Storage Remote Root
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB 9 http api/storage remote root', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution Exploit
Exploit for linux platform in category remote exploits Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendo...
Unitrends UEB 9.1 Authentication Bypass / Remote Command Execution
Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...
CVE-2017-12478
creationtimestamp| type| source ---|---|--- 2017-08-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42958 2017-10-23 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43030 2018-10-05 21:28:59+00:00| seen|...
Unitrends UEB 9.1 - Authentication Bypass Remote Command Execution
Unitrends UEB 9.1 - Authentication Bypass Remote Command Execution Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted ||...
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution
Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...
CVE-2017-12478
It was discovered that the api/storage web interface in Unitrends Backup UB before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system...