8 matches found
CVE-2018-12465
creationtimestamp| type| source ---|---|--- 2018-07-31 02:16:41+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/microfocussecuremessaginggateway.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
MicroFocus Secure Messaging Gateway Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module exploits a SQL injection and command injection...
Micro Focus Secure Messaging Gateway (SMG) 471 - Remote Code Execution (Metasploit)
Micro Focus Secure Messaging Gateway SMG 471 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution",...
CVE-2018-12465
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...
CVE-2018-12464
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...
Sql injection
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...
CVE-2018-12465
CVE-2018-12465 describes an OS command injection in the web administration component of Micro Focus Secure Messaging Gateway (SMG). A remote attacker authenticated as a privileged user can run arbitrary OS commands on the SMG server. The CVE notes this can be leveraged with CVE-2018-12464 (SQL in...
CVE-2018-12465 Remote Code Execution in Micro Focus Secure Messaging Gateway
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...