Lucene search
K

4 matches found

Check Point Advisories
Check Point Advisories
added 2019/02/12 12:0 a.m.36 views

Cisco Prime Infrastructure swimtemp TFTP Arbitrary File Upload (CVE-2018-15379)

An arbitrary file upload vulnerability exists in Cisco Prime Infrastructure. The vulnerability is due to the presence of a symbolic link permitting the upload of files into a location where they can be later executed. Successful exploitation could result in the execution of arbitrary code in the...

7.5CVSS2.3AI score0.86221EPSS
Exploits5
Circl
Circl
added 2018/10/12 3:45 p.m.15 views

CVE-2018-15379

creationtimestamp| type| source ---|---|--- 2018-10-12 15:45:58+00:00| published-proof-of-concept| https://t.me/canyoupwnme/4563 2018-11-10 17:07:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoprimeinfrce.rb 2025-02-06 03:13:43+00:00|...

9.8CVSS8.6AI score0.86221EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2018/10/12 12:0 a.m.57 views

Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)

The Cisco Prime Infrastructure application running on the remote host is affected by an arbitrary file upload flaw, which could lead to a remote code execution vulnerability. This is due to incorrect permissions for various system folders, which a file could be uploaded to via TFTP. The commands ...

9.8CVSS9.1AI score0.86221EPSS
Exploits5References2
CVE
CVE
added 2018/10/05 2:0 p.m.96 views

CVE-2018-15379

Cisco Prime Infrastructure (PI) HTTP web server contains an arbitrary file upload flaw due to incorrect permissions on important directories. An unauthenticated, remote attacker can upload a file via TFTP and, depending on the system, execute commands with the prime user (no admin/root). Attack d...

9.8CVSS9.7AI score0.86221EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder