Lucene search
K

8 matches found

Circl
Circl
added 2018/07/31 2:16 a.m.11 views

CVE-2018-12465

creationtimestamp| type| source ---|---|--- 2018-07-31 02:16:41+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/microfocussecuremessaginggateway.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...

9.1CVSS7.2AI score0.78955EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2018/07/31 12:0 a.m.43 views

MicroFocus Secure Messaging Gateway Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module exploits a SQL injection and command injection...

8.4AI score0.80539EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/24 12:0 a.m.55 views

Micro Focus Secure Messaging Gateway (SMG) 471 - Remote Code Execution (Metasploit)

Micro Focus Secure Messaging Gateway SMG 471 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution",...

0.80539EPSS
Exploits5
OSV
OSV
added 2018/06/29 4:29 p.m.3 views

CVE-2018-12465

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

7.2CVSS6.1AI score0.78955EPSS
Exploits5References3
NVD
NVD
added 2018/06/29 4:29 p.m.16 views

CVE-2018-12464

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

10CVSS8.8AI score0.80539EPSS
Exploits5References3
Prion
Prion
added 2018/06/29 4:29 p.m.19 views

Sql injection

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

7.5CVSS7.8AI score0.80539EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2018/06/29 4:0 p.m.42 views

CVE-2018-12465

CVE-2018-12465 describes an OS command injection in the web administration component of Micro Focus Secure Messaging Gateway (SMG). A remote attacker authenticated as a privileged user can run arbitrary OS commands on the SMG server. The CVE notes this can be leveraged with CVE-2018-12464 (SQL in...

9.1CVSS8.5AI score0.78955EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/06/29 4:0 p.m.22 views

CVE-2018-12465 Remote Code Execution in Micro Focus Secure Messaging Gateway

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

9.1CVSS9.4AI score0.78955EPSS
Exploits5References3
Rows per page
Query Builder