Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.219 views

Nuuo Central Management Server User Session Token Bruteforce

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'benchmark' class MetasploitModule 'Nuuo Central Management Server User Session Token Bruteforce', 'Description' = %q Nuuo Central Management Server below versio...

9.8CVSS7AI score0.29639EPSS
Exploits2
Circl
Circl
added 2019/02/20 3:25 p.m.16 views

CVE-2018-17888

creationtimestamp| type| source ---|---|--- 2019-02-20 15:25:22+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/nuuocmsbruteforce.rb 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:06+00:00| seen|...

9.8CVSS9.4AI score0.29639EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/10/12 2:0 p.m.23 views

CVE-2018-17888

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution...

9.7AI score0.29639EPSS
Exploits2References2
CVE
CVE
added 2018/10/12 2:0 p.m.49 views

CVE-2018-17888

CVE-2018-17888 affects NUUO CMS versions 3.1 and prior. The vulnerability stems from an insecure session identification mechanism that can let an attacker obtain the active session ID, potentially enabling arbitrary remote code execution. Public assessments cite a high/critical risk (CVSS v3 base...

9.8CVSS9.7AI score0.29639EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder